[zrail]

Is anyone else seeing a sustained level of trashy DNS queries to their own servers? I've been seeing a sustained level to mine that's way above normal, for the last few days. I wonder if this is a broader problem than just DNSimple.

[devicenull]

That's probably someone attempting to you for a DDOS reflection. Take a look at http://openresolverproject.org/ and make sure you're not providing an open resolver to the internet

[zrail]

Definitely not in the list for either server.

[dsl]

Can you give an example of what 'trashy' is?

You could be an open resolver being used for reflection. You could be running DNSSEC and providing an amplification vector. You could be getting queries for another DNS server that used to have your IP. The possibilities are endless.

[zrail]

I'm running tinydns so it's definitely not DNSSEC or open resolving. The queries are for my domains, so it's not that they're questionable. The problem is that there are millions of them all from the same IP. So, it could be that it's some kind of attack, but I really don't know.

I'm planning on moving hosting over to Route53 at some point in the next few days, because the fact that I can't figure this out other than "turn off logging" tells me I probably shouldn't be running DNS servers.