Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

Trending KB Articles


Support Central: KB #5039: ‘set holddown’ command blocking all recursive queries

Problem Summary

The 'set holddown' command blocking all recursive queries


Customer Environment

Infoblox Grid running DNS service with global forwarders and 'set holddown' and forward-only clause enabled



All versions of NIOS



The 'set holddown' command cannot distinguish between a server or a forwarder and for this reason, all configurations are treated the same. Hence, all recursive queries may get 'held down'



Disable the 'set holddown' command and instead use 'fetches-per-server' and 'fetches-per-zone' commands. 


The holddown feature (stop query to server with too many timeouts) does not take forwarders into account.  It should not be enabled on a server using forward only.  The fetches-per-server feature (limit queries in-flight to any given server) does take forwarders into account. However, if you have a global forwarder then it makes no sense at all to enable the feature.

Showing results for 
Search instead for 
Did you mean: