GLOSSARY

DNS flood: NXDOMAIN Flood

he roadmap to every single computer on the Internet is held in DNS servers. The DNS NXDOMAIN flood attack attempts to make servers disappear from the Internet by making impossible for clients to access the roadmap.

In this attack the attacker floods the DNS server with requests for invalid or nonexistent records. The DNS server spends its time searching for something that doesn't exist instead of serving legitimate requests. The result is that the cache on the DNS server gets filled with bad requests, and clients can't find the servers they are looking for.

The DNS Express functionality in F5 BIG-IP DNS mitigates NXDOMAIN floods by retaining all the valid organization zone information, even during the flood. Nonexistent domains and servers are not logged or retained in the cache. This means that legitimate requests can still pull accurate information from the cache, since the cache is never flooded with bad data.

Connect with F5

F5 Labs

The latest in application threat intelligence.

DevCentral

The F5 community for discussion forums and expert articles.

F5 Newsroom

News, F5 blogs, and more.