nanog mailing list archives
Re: DNS Lookup - Filter "localhost"
From: Anders Löwinger <anders () abundo se>
Date: Mon, 17 Nov 2014 23:49:00 +0100
4. Do you block non-UDP DNS requests or rate-limit requests?Yes
Why? RFC5966 DNS Transport over TCP - Implementation Requirements You make it very hard for DNSSEC
5. Anything else you block/filter on your DNS servers?block fragmented packets
Why? You then block EDNS0, which DNSSEC uses. (UDP packets up to 4096 bytes, then TCP) /Anders
Current thread:
- DNS Lookup - Filter "localhost" Radke, Justin (Nov 17)
- Re: DNS Lookup - Filter "localhost" Stephen Satchell (Nov 17)
- Re: DNS Lookup - Filter "localhost" Anders Löwinger (Nov 17)
- Re: DNS Lookup - Filter "localhost" David Conrad (Nov 17)
- Re: DNS Lookup - Filter "localhost" Tony Finch (Nov 18)
- Re: DNS Lookup - Filter "localhost" Stephen Satchell (Nov 17)