Brian,
The question that occurs to me is why do you have your DNS server exposed to the network when likely no one is using it?
Actually, I have quite a few nodes using the DNS services; it was in use so much that I coordinated with N1URO to make sure another DNS server was available on the East Coast. It's been in use since I stood up 44.60.44.3 as a DNS many years ago. In addition, some of those nodes use DNS TCP for requests. It's only accessible to 44/8 and TCP to all. NTP is also widely used here.
but I hope you are aware that TCP is also used for general DNS queries, not just zone transfers
Borja,
Very true, I had reason to believe it may have been a zone transfer. I'm inquiring about any DNS requests via TCP, though, to be clear.
Thanks,
- KB3VWG
On 06/27/2017 11:06 AM, Brian Kantor wrote:
It's not listed in the NS records for the zones and so the only way to make use of your server is to explicitly configure it as a server (in resolv.conf or its equivalent), which, excuse me, I doubt very many people have done.