I'll admit, I'm not the best with DNS but are these legit requests or a possible DDoS? I do run NAMED on this server. Here is a sample of what I get(about 1000 of them) all from different DNS servers Jan 23 18:14:08 host kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:02:b3:18:bf:b0:00:b0:c2:84:bf:80:08:01 SRC=FROM_SERVER DST=OUR_SERVER LEN=62 TOS=0x00 PREC=0x00 TTL=57 ID=45554 PROTO=UDP SPT=35074 DPT=53 LEN=42 we do have ALLOW port UDP 53 IN and OUT in the firewall/csf. But I just can't seem to explain why all these DNS Servers are all of a sudden calling us up. I do have: options { recursion no; }; I also noticed this started to happen around the time my DC connected me to their hardware firewalls. Could this in some way be related? I find it hard that it would, but I just can't figure out why all of a sudden I've got 100's of DNS calls every second coming to me.