Article ID: 116810, created on Aug 19, 2013, last review on May 7, 2014

  • Applies to:
  • H-Sphere

Symptoms

DNS is under DOS attack

Cause

Bug

Workaround:

Create custom named.conf according to the Parallels H-Sphere 3.6.2 Upgrade Guide and write there:

1) at the top level some ACL limiting recursion to the HS boxes themselves, either by network/netmask address or using IP list:

 acl recursion-allow {192.0.2.0/24; 198.51.100.15;};

2) replace

 allow-recursion { any; };
 allow-query-cache { any; };

with

 allow-recursion { recursion-allow; };
 allow-query-cache { recursion-allow; };

Search Words

H-sphere DNS

DOS attack

DDOS attack

f213b9fa8759d57bee5d547445806fe7 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF