@bnrstnr said in Pi-hole server involved in a 'DNS Amplification' DDOS Attack:

@DustinB3403 didn't you say the method above would only work for devices on the Pi-Hole's LAN?

The method linked by someone else would, yes. As it's impractical to try to do said linked approach for the open internet.

Again, it's what you would do, but isn't practical because of your scale.

Post 18.

@DustinB3403 said in Pi-hole server involved in a 'DNS Amplification' DDOS Attack:

But the reported issue is that these requests appear to come from your devices, i.e. they are spoofed or are legitimately coming from your trusted network.

Can you set up ingress filtering for this?

This is the approach proposed by Curtis.

@Curtis said in Pi-hole server involved in a 'DNS Amplification' DDOS Attack:

https://freek.ws/2017/03/18/blocking-dns-amplification-attacks-using-iptables/