Your IP may unfortunately be inside a CIDR block that largely does nothing but spam my infrastructure with script kiddie tomfoolery. Firewall rules apply to my authoritative DNS servers as well.
Edit: If you would like me to whitelist it, DM me your IP and I’ll add a narrow exception.
but I don’t run a recursive resolver, I use quad9 as upstream. Shouldn’t they return a response even if I was blocked?
dig confirms with EDNS extensions that the response is coming from quad9. the error says “no reachable authority” so it must be at least partly what you say, but I think you ended up blocking a DNS provider.
Ugh. Thanks. It’s quite possible, though maybe just a regional one? I did inadvertently block one of the IPs Let’s Encrypt uses for secondary validation, so this may be another case of that.
I get a shitload of bad traffic from the southeast Asia area (mostly Philippines/Singapore AWS) and have taken to blanket blocking their whole routes rather than constantly playing whack-a-mole. Fail2ban only goes so far for case-by-case.
Here’s the image from the meme from an alternate source:
what’s more, I can’t load this meme normally, my pihole says “no reply received” for the single domain of dubvee.org
Your IP may unfortunately be inside a CIDR block that largely does nothing but spam my infrastructure with script kiddie tomfoolery. Firewall rules apply to my authoritative DNS servers as well.
Edit: If you would like me to whitelist it, DM me your IP and I’ll add a narrow exception.
but I don’t run a recursive resolver, I use quad9 as upstream. Shouldn’t they return a response even if I was blocked?
dig confirms with EDNS extensions that the response is coming from quad9. the error says “no reachable authority” so it must be at least partly what you say, but I think you ended up blocking a DNS provider.
Ugh. Thanks. It’s quite possible, though maybe just a regional one? I did inadvertently block one of the IPs Let’s Encrypt uses for secondary validation, so this may be another case of that.
I get a shitload of bad traffic from the southeast Asia area (mostly Philippines/Singapore AWS) and have taken to blanket blocking their whole routes rather than constantly playing whack-a-mole. Fail2ban only goes so far for case-by-case.
Here’s the image from the meme from an alternate source: