nanog mailing list archives
Re: Dyn DDoS this AM?
From: Suzanne Woolf <suzworldwide () gmail com>
Date: Mon, 24 Oct 2016 13:10:16 -0400
On Oct 24, 2016, at 12:06 PM, Eitan Adler <lists () eitanadler com> wrote:

> On 24 October 2016 at 01:25, LHC <large.hadron.collider () gmx com> wrote:
>> All this TTL talk makes me think. Why not have two ttls - a 'must-recheck' (does not expire the record but forces a recheck; updates record if server replies & serial has incremented) and a 'must-delete' (cache will be stale at this point)?
>
> If clients can't get one TTL correct what makes you think they will get a more complicated two TTL system correct?

….To say nothing of resolvers that simply ignore server-side TTLs and set their own.

For instance, https://www.icann.org/en/system/files/files/rssac-003-root-zone-ttls-21aug15-en.pdf “RSSAC 003: RSSAC Report on Root Zone TTLs” will tell you far more than you really want to know about TTLs and caching behavior, and some of it is specific to the root zone, but one of the key observations is “Root zone TTLs appear to not matter to most clients.”

Modern large-scale DNS is a fairly complex system. Speculating from here about how it behaved under attack in someone else’s network is interesting, and I look forward to more information from Dyn as they feel they can share it— but DDoS is a big enough fact of life for them and everyone else that if there was a simple answer, I think someone would be making a fortune on it already, or at least have filed the patents.

Suzanne
(speaking for myself)