> On my DNS authoritative servers, which are behind an OpenBSD 6.6 firewall, I just saw some weird high-volume UDP traffic on port 53 to these DNS servers coming from Google (e.g. 74.125.18.1 or 172.253.214.111).
>
> These few IPs generated around 5200 requests/second on my DNS servers, so I was wondering if one can also limit the rate of requests in PF on UDP traffic, as can be done with TCP (using max-src-nodes, max-src-conn, etc.)?
>
> Looking at the documentation (https://www.openbsd.org/faq/pf/filter.html), it only mentions TCP. So I deduce that it is simply not possible to somehow limit the rate of UDP connections with PF, am I right here?
Would it help to queue the UDP traffic and limit the bandwidth of the queue?
Regards
Ben
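As an added illustration of the two mechanisms touched on in this thread (this is an example pf.conf fragment written for this page, not Ben's or the original poster's configuration), the fragment below shapes inbound DNS with a bandwidth queue and also applies per-source state limits, which in PF are not TCP-only: max-src-states and max-src-nodes count state entries of any protocol, whereas max-src-conn and max-src-conn-rate are the TCP-only options. Interface names, the 192.0.2.0/24 server addresses, the 2M figure and the state counts are constructed placeholders chosen for the example, not values from the thread; the OpenBSD 6.6 queue syntax is assumed.

```pf
# Added example: shaping and per-source state limits for inbound UDP/53
# behind an OpenBSD 6.6 PF firewall. All names and numbers are placeholders.
ext_if = "em0"                       # assumed external interface
int_if = "em1"                       # assumed interface facing the DNS servers
dns_servers = "{ 192.0.2.10 192.0.2.11 }"   # constructed documentation addresses

# Queues shape packets as they LEAVE an interface, so the DNS queue lives on
# the internal interface through which requests are forwarded to the servers.
# Once any queue is defined on an interface, one leaf must be the default.
queue rootq on $int_if bandwidth 100M
queue dnsq  parent rootq bandwidth 2M max 2M   # hard cap for inbound DNS queries
queue stdq  parent rootq bandwidth 98M default # everything else

# Per-source state limits apply to UDP because PF tracks UDP states too:
#   max-src-states 200  -> at most 200 concurrent DNS states per source IP
#   max-src-nodes 10000 -> at most 10000 distinct source IPs holding state
# New states beyond these limits are refused; existing ones keep working.
pass in on $ext_if proto udp from any to $dns_servers port 53 \
    set queue dnsq \
    keep state (max-src-states 200, max-src-nodes 10000)
```

Two caveats worth keeping in mind when reading the fragment: the queue cap does not tell legitimate resolvers apart from abusive ones, it simply delays or drops whatever exceeds 2M, so it protects the servers rather than the upstream link; and max-src-states limits concurrent states, not a request rate, so a source that sends many short-lived queries within the UDP state timeout is what it actually bounds.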