It's have too much IPs from Asia.
I have blocked Asia: APNIC - Resource ranges allocated by APNIC
Now, I'm still getting flood.
But the server has Dual E-2620 - 128Gb of ram, 16x SSD Raid-10 and 10Gbps of connection.
Easy to this server =)
I have added this too:
iptables -A myownrule -p udp --dport 53 -m state --state NEW -m recent --set
iptables -A myownrule -p udp --dport 53 -m state --state NEW -m recent --update --seconds 120 --hitcount 3 -j DROP
This rule is attached to forward.
What you think about this rule? Only 3 connections for the same IP in 2 minutes.