[dns-operations] DNS Issue

Jason Bratton jbratton at rackspace.com
Wed Apr 24 15:32:35 UTC 2013

Paul Wouters wrote:
> I have been hearing more reports of people in the last two weeks that
> DNS queries originating from port 53 are getting blocked. slashdot.org
> was one of those domains that started failing when your recursing name
> server is configured to use a query port of 53.

We've seen several DDOS attacks directed towards our nameservers that 
used source port 53.  Likewise, we have temporarily blocked queries that 
used source port 53 to buy us time while enacting better DDOS 
mitigations.  With the prevalence of source port randomization, it 
wouldn't surprise me if some people started permanently blocking source 
port 53.  I'm not saying I agree with that practice, but I can 
definitely imagine it happening.

-- Jason

More information about the dns-operations mailing list