Route 53: Getting bombarded with redundant DNS queries for a deleted host

0

5 days into this billing cycle, and my Route 53 zone has received over 33 million requests for a particular host that I recently deleted. And the associated DNS record was deleted too. I didn't think I would get billed for a deleted host record, but indeed I am according to the billing dashboard. Some initial query logging suggests that there are clients making many redundant requests for this deleted hostname.

I will most likely add back a record that resolves to 127.0.0.1 with a multi-day TTL. That might make whatever code is repeating the request stop asking (as much). But excessive and redundant DNS queries have always been a costly problem that I never could get a handle on. I've dealt with the DDOS attacks on the host service for years, but I've never understood how to firewall Route 53 when these clients make redundant requests.

The ideal solution would be that Route 53 would simply ignore requests for the deleted host name (and not bill me for it).

What are my options?

1 answer
2

Adding a dummy record with a long TTL might be the easiest solution, as you said. If the clients don't follow the TTL but keep bombing your domain, another option could be using an ALIAS record. Aliases are resolved for free when certain conditions are met. If your queries are from the internet, you could use e.g. an internal ELB you already have for some other purpose as the alias target. Or if you don't have a suitable target, create a dummy resource and block traffic with a security group to avoid charges for processing requests.

https://aws.amazon.com/route53/pricing/

Expert
Kallu
answered 1 year ago
  • The dummy record is in place and a peek in cost explorer suggests it might have reduced DNS traffic at least in half. I'll know at the end of the day how effective it was. Converting to an alias is a good idea. I have that ready to go. Thanks for the suggestion.
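Added example (not code from the thread or from AWS): it tallies Route 53 query log lines to confirm which name and which resolvers produce the flood, then builds the boto3 `ChangeBatch` for each of the two mitigations discussed above, a sinkhole A record with a multi-day TTL and an alias record. The log lines, the zone ID `Z0000EXAMPLE` and the hostname `deleted.example.com` are constructed placeholders.

```python
"""Tally Route 53 query logs for a retired hostname and build the change batches
for the two mitigations from the thread (sinkhole A record, alias record)."""
from collections import Counter

# Constructed sample in the Route 53 public query log format: version, timestamp,
# hosted zone id, query name, query type, response code, protocol, edge, resolver
# IP, EDNS client subnet. A deleted host answers NXDOMAIN and is still billed.
SAMPLE_LOG = """\
1.0 2024-05-01T10:00:01Z Z0000EXAMPLE deleted.example.com A NXDOMAIN UDP IAD12 192.0.2.10 -
1.0 2024-05-01T10:00:01Z Z0000EXAMPLE deleted.example.com A NXDOMAIN UDP IAD12 192.0.2.10 -
1.0 2024-05-01T10:00:02Z Z0000EXAMPLE deleted.example.com AAAA NXDOMAIN UDP FRA50 198.51.100.7 -
1.0 2024-05-01T10:00:02Z Z0000EXAMPLE www.example.com A NOERROR UDP IAD12 192.0.2.10 -
1.0 2024-05-01T10:00:03Z Z0000EXAMPLE deleted.example.com A NXDOMAIN TCP IAD12 192.0.2.10 -
"""

FIELDS = ("version", "timestamp", "zone_id", "qname", "qtype", "rcode",
          "protocol", "edge", "resolver_ip", "client_subnet")


def parse_query_log(text):
    """Parse query log lines into dicts; blank or malformed lines are skipped."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != len(FIELDS):
            continue
        records.append(dict(zip(FIELDS, parts)))
    return records


def count_by_name(records):
    """Queries per (name, response code); the retired host shows up as NXDOMAIN."""
    return Counter((r["qname"], r["rcode"]) for r in records)


def resolvers_for(records, qname):
    """Resolver IPs that keep asking for qname, most persistent first."""
    return Counter(r["resolver_ip"] for r in records if r["qname"] == qname)


def sinkhole_change(qname, ttl_seconds=3 * 24 * 3600):
    """ChangeBatch for a placeholder A record to 127.0.0.1 with a multi-day TTL,
    so clients that honour TTL stop re-asking. Queries are still billed."""
    return {
        "Comment": "sinkhole for retired hostname",
        "Changes": [{
            "Action": "UPSERT",
            "ResourceRecordSet": {
                "Name": qname,
                "Type": "A",
                "TTL": ttl_seconds,
                "ResourceRecords": [{"Value": "127.0.0.1"}],
            },
        }],
    }


def alias_change(qname, target_dns, target_zone_id):
    """ChangeBatch for an alias record. Alias records carry no TTL of their own
    (it comes from the target); queries for aliases to eligible AWS resources
    are not billed, which is what helps when clients ignore TTL."""
    return {
        "Comment": "alias to absorb queries for retired hostname",
        "Changes": [{
            "Action": "UPSERT",
            "ResourceRecordSet": {
                "Name": qname,
                "Type": "A",
                "AliasTarget": {
                    "HostedZoneId": target_zone_id,   # zone id of the ELB, not yours
                    "DNSName": target_dns,
                    "EvaluateTargetHealth": False,
                },
            },
        }],
    }


if __name__ == "__main__":
    recs = parse_query_log(SAMPLE_LOG)
    for (name, rcode), n in count_by_name(recs).most_common():
        print(f"{n:>4} {rcode:<8} {name}")
    print(resolvers_for(recs, "deleted.example.com"))
    # Applying for real needs credentials and is not run here:
    # import boto3
    # boto3.client("route53").change_resource_record_sets(
    #     HostedZoneId="Z0000EXAMPLE", ChangeBatch=sinkhole_change("deleted.example.com"))
```

Run the tally first against a query log export for the zone: a handful of resolver IPs dominating the NXDOMAIN count is what the "clients that don't follow TTL" case looks like, and those are the ones the sinkhole TTL will not quiet, which is when the alias option earns its keep.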
