[dns-operations] NS selection in bind
Ricardo Oliveira
rvelosoo at gmail.com
Fri Sep 17 22:08:16 UTC 2010
Michael,
Thanks for the info. I assume then that when you have 2 bands, you
only use the slowest band when _all_ servers in the first band are
down? (and servers within each band are randomly picked)
Also, just to confirm, the selection algo before 9.6 was to just pick
the server with lowest RTT (no bands)
Thanks!
--Ricardo
On Sep 17, 2010, at 5:55 AM, Michael Graff wrote:
> On 9/17/10 4:53 AM, Ricardo Oliveira wrote:
>
>> Does anyone in this list knows more details about this change short
>> of looking at the source code?
>> How often are RTTs randomly changed, on every query?
>> Is the value picked randomly between 0 and 128ms?
>
> This is referred to (by us anyway) as RTT banding.
>
> That is, we break the RTT response times from servers into 128ms
> groups, so anything 0-127ms will be considered "the same" while
> anything 128-255ms will be "the same" for random selection.
>
> The purpose is to make it harder to know which of several reasonably
> speedy servers are likely to be responded to, so a brute force flood
> attack is harder.
>
> This was one of many mitigation techniques, along with source port
> randomization, to defend against such.
>
> --Michael
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
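The banding Michael describes, and the pre-9.6 lowest-RTT pick Ricardo summarises, modelled side by side in an added example that is not BIND's code and not part of the thread: it assumes the 128ms band width quoted above, treats only servers with a measured RTT as candidates (the constructed `SAMPLE_RTTS` table below), and picks uniformly at random within the best band so you can see how the choice is spread across comparably fast servers rather than fixed on one.

```python
import random
from typing import Dict, List

BAND_MS = 128  # band width as described in the thread (0-127, 128-255, ...)

# Constructed sample: server name -> smoothed RTT in milliseconds.
SAMPLE_RTTS: Dict[str, float] = {
    "ns1": 12.0, "ns2": 40.0, "ns3": 95.0,   # all in band 0
    "ns4": 140.0,                            # band 1
    "ns5": 300.0,                            # band 2
}


def band(rtt_ms: float) -> int:
    """Map an RTT to its band index: 0-127ms -> 0, 128-255ms -> 1, and so on."""
    return int(rtt_ms) // BAND_MS


def lowest_rtt(rtts: Dict[str, float]) -> str:
    """Pre-banding behaviour as summarised in the thread: always the fastest server."""
    return min(rtts, key=rtts.get)


def banded_candidates(rtts: Dict[str, float]) -> List[str]:
    """All servers sharing the lowest occupied band; they are treated as equal."""
    best = min(band(v) for v in rtts.values())
    return sorted(s for s, v in rtts.items() if band(v) == best)


def banded_select(rtts: Dict[str, float], rng: random.Random) -> str:
    """RTT banding: a uniform random pick among the best-band candidates."""
    return rng.choice(banded_candidates(rtts))


def selection_distribution(rtts: Dict[str, float], trials: int, seed: int) -> Dict[str, int]:
    """Count how often each server is chosen over many selections (seeded for repeatability)."""
    rng = random.Random(seed)
    counts = {s: 0 for s in rtts}
    for _ in range(trials):
        counts[banded_select(rtts, rng)] += 1
    return counts


if __name__ == "__main__":
    print("lowest-RTT pick :", lowest_rtt(SAMPLE_RTTS))
    print("best-band pool  :", banded_candidates(SAMPLE_RTTS))
    print("banded spread   :", selection_distribution(SAMPLE_RTTS, 3000, seed=1))
```

With the lowest-RTT rule every query goes to ns1, so an observer can predict the target; with banding the queries are spread over ns1, ns2 and ns3, while ns4 and ns5 are never chosen as long as a band-0 server is available.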