[dns-operations] DDOS/Collateral Damage BCPs

Barry Raveendran Greene bgreene at senki.org
Thu Apr 15 16:43:19 UTC 2010

Hi Team,

I'm working with a provider in Egypt whose DNS servers are getting
persistently whacked by an intentional DDOS or collateral damage from a SPAM

They are getting the normal vendor advise of "put a bigger firewall, DPI,
Loadbalancer." But, I usually find that this is not the best advice.

Q. Has anyone done any recent work on "architecture" guides for SP's DNS?
This crew is using bind, they are cluefull enough to break apart their
customer resolvers and the slaves, and are willing to make changes.



More information about the dns-operations mailing list