[Hosting] NXDOMAIN DNS DDoS Issues

[Lance Albertson <la...@osuosl.org>]

All,

We've been experiencing NXDOMAIN DDoS attacks on our DNS servers today and
yesterday that have been impacting resolving many of the domains we host.
So far, this seems to mostly impact our authoritative DNS for external
access. Our recursive query caching on our internal network seems to
function fine during the attacks.

The following are the time frames when our services have been impacted by
these attacks:

Jan 18, 2023: 8:58AM - 10:41AM PST (1758 - 1841 UTC)
Jan 19, 2023: 7:21AM - 9:21AM PST (1521 - 17:24 UTC)

We have been doing our best to mitigate the issues but have been unable to
do so when the attack happens. As of right now, it seems the attack
starting this morning has stopped, but I'd imagine it may happen again
unfortunately.

We will do our best to continue to work on mitigation solutions for future
attacks and apologies for the issues this has caused. If anyone has
experience mitigating NXDOMAIN attacks using ISC BIND, please send me a
direct email to see if there are any additional measures we can take.

Thanks for your patience.

-- 
Lance Albertson
Director
Oregon State University | Open Source Lab