Andrew,
Absolutely, appears that some TCP DNS requests from a 44 host 'tripped the sensors'. LOL
My memory resources on my device remained OK, as well as CPU (minus the load logging into LEDE web GUI).
It appears my server received 0 SNY Floods. That was by design. I did notice those concerned about my 'open DNS' to the Public Internet. TCP/53 was opened on 44.60.44.3 to allow AXFR (and incidentally, allowing TCP DNS requests to 44.IN-ADDR.ARPA. and AMPR.ORG, since it's Authoritative), that rule now only allows 44.0.0.0/8.
Until today, I never noticed any DNS TCP requests that hit a threshold, and [still] none from the Internet. I'm honestly unaware of what 'stretchoid.com' means; but they don't seem to be the cause. My firewall's timing just seems to be fast...
- Lynwood KB3VWG
Not many packets dropping might be ok. In fact, I'd expect it (and only would worry if most of the flood came back with ACKs).
SYN floods try to starve your memory resources by keeping TCP connections half open and wait for the timeout to sweep them out. But SYN cookies prevent that. So as long as memory allocation doesn't skyrocket when you don't see packet drops, that's a-ok.