On 12 July our public resolver was being used as a DNS reflection weapon against third parties. Spoofed queries for one fat TXT record - cloudflare.com/TXT, 93.4% of all traffic, 3,455,950 queries in twelve hours - turned 71-byte queries into 2,257-byte answers aimed at forged source addresses. A 31.8x amplifier, emitting roughly 4.6 Mbps of attack traffic at networks that had never contacted us.

The source addresses belonged to victims, not to the attacker, so banning them would have completed the denial of service on the attacker's behalf. No address was banned. Instead we built a size-gated Response Rate Limiter with a TC=1 slip into our AdGuard Home fork: responses over 512 bytes are charged against two token buckets, one of them keyed on the query name itself, which collapses a carpet-bomb across 1,792 forged sources into a single 5-per-second budget. Over-budget answers are truncated to 32 bytes with the TC bit set.

  • Amplification 31.8x to 0.45x - the resolver now emits fewer bytes than it receives.
  • 12,301,925 responses neutralised over 15.5 hours of enforcement, 98.2% of the flood, at 0.061 ms median cost per query.
  • Zero collateral. Real clients retry over TCP and resolve; spoofed sources cannot complete a handshake. The false-positive ledger stayed clean across 67,905 shadow decisions.
  • An nftables rule was relaxed, not tightened. A blunt "drop short UDP/53 over 150/s" rule had been dropping legitimate queries - ssl.gstatic.com and api.epicgames.dev share the same packet size as the attack - so it was raised to a pure packet-rate backstop and the real defence moved up to the resolver.
  • The attack stopped on its own at 07:12 on 13 July and has not returned.

Encrypted transports were never affected: DoH, DoT and DoQ require a handshake, so a forged source address cannot be used for reflection at all. Only plain UDP/53 is exposed to this attack class.

The full account, including how to check whether your own AdGuard Home or Pi-hole is being used this way and what to do about it today: Is Your AdGuard Home or Pi-hole a DNS Amplification Weapon?