[dns-operations] EDNS0

william(at)elan.net william at elan.net
Wed Mar 1 04:57:20 UTC 2006


Can I have some understanding of what would happen if non-recursive DNS
server which services some domain with very large domain resource record 
(say large txt) received a request for that record from spoofed source.

Would that always cause the response to go to the spoofed ip address?

How is that different then amplification with recursive dns servers?
(since in both cases the a smaller request packet of about 40-50 bytes 
causes dns server to send large response up to 500bytes to forged 
source ip address)

Would this change in anyway with EDNS (if so how)?

William Leibzon
Elan Networks
william at elan.net

More information about the dns-operations mailing list