Need some help - Massive amount of inbound TXT dns requests

hey, currently, i have a domain that is held at a registrar but i linked the domain to cloudflare. the domain has nameservers pointed to the cloudlfare on my registrar’s website. in cloudflare, i have the cloudflare dns linked to my remote server ip and is currently proxied and set up to be https with their free cert.

on my remote server, i have simple dns plus installed that will be used to portforward dead domains to my ip

even with a fresh install of simple dns plus (no records), it starts spamming these TXT dns query requests for cisco.com, globo.com, and atlassian.com. they aren’t really from those domains, rather it’s random computers sending dns query requests to my dns for those domains

i have actually ignored all those requests with simple dns’s block plug ins. however, they are still all coming in as inbound dns requests making the line on the heartbeart chart go crazy

they only go away when i point the inbound dns request allowlist to just my localhost 127.0.0.1

which probably won’t workout with connecting via dns to my game. i have to keep the dns open so anyone can use the dns to connect to the game. it’s a public server.

i don’t know how to make them go away. how would get these to go away and are they affecting my set up even though i ignored the requests?

snippet of my dns active log -

This will happen with public DNS servers and not related to Cloudflare.

Why are you hosting your own DNS server and not having a record in Cloudflare for it?

it’s a very unique circumstance. It’s a game revivial project. said game has a bunch of dead domains i don’t own that i need to portforward to my remote server ip. can’t do that on cloudflare. it didn’t do this prior to linking my domain to cloudflare.

This would appear to be correlation not causation.

you’re saying that linking my domain to cloudflare’s nameservers isn’t the cause? they were previously on my registrar’s nameservers. simply installing simple dns plus and starting it,no records, there shouldn’t be this amount of requests coming in. usually it’s pretty blank when you first install simple dns.

can you confirm whether or not these constant requests will be an issue? why is my simple dns picking them up?

Your server is picking them up because you have exposed a DNS server to the Internet and plenty of folks are scanning for open recursive resolvers / misconfigured and exploitable services.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.