In our project infrastructure we have a nameserver, based on bind9. This nameserver is configured as primary and authoritative, so it is quite important. The question is, should I install and configure fail2ban for the purpose of protecting this DNS server? Is it worth it? I tried searching fail2ban configurations for Bind9/named, but there are only a few, and it seems like it is not something that people do (at least post) much.
If it makes any difference, Bind9 is running in a docker container with exposed 53/udp port.