nanog mailing list archives
Re: DNS deluge for x.p.ctrc.cc
From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Sat, 25 Feb 2006 06:00:17 -0800
In message <Pine.GSO.4.62.0602241629470.21514 () qentba nf23028 arg>, Rob Thomas w rites:
Limit UDP queries to 512 bytes. This greatly decreases the amplification affect, though it doesn't stop it.
Unfortunately, the intention of the DNS developers is just the opposite. Things like DNSSEC require larger packet sizes; in fact, there's a DNS extension (EDNS0) whose purpose, among others, it to permit this. --Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Current thread:
- Re: DNS deluge for x.p.ctrc.cc, (continued)
- Re: DNS deluge for x.p.ctrc.cc Paul Vixie (Feb 26)
- Re: DNS deluge for x.p.ctrc.cc Jon Lewis (Feb 26)
- Re: DNS deluge for x.p.ctrc.cc Joe Provo (Feb 25)
- Re: DNS deluge for x.p.ctrc.cc Joe Abley (Feb 26)
- Re: DNS deluge for x.p.ctrc.cc Christopher L. Morrow (Feb 26)
- Re: DNS deluge for x.p.ctrc.cc Paul Vixie (Feb 26)
- Re: DNS deluge for x.p.ctrc.cc bmanning (Feb 26)
- Re: DNS deluge for x.p.ctrc.cc Paul Vixie (Feb 26)
- Message not available
- Re: DNS deluge for x.p.ctrc.cc Barrett Lyon (Feb 26)
- Re: DNS deluge for x.p.ctrc.cc Rob Thomas (Feb 27)