[dns-operations] DNS ANY requests from Amazon?

Dobbins, Roland rdobbins at arbor.net
Tue Dec 18 09:12:57 UTC 2012


On Dec 18, 2012, at 5:44 AM, Vernon Schryver wrote:

> Yes, you could do response rate limiting (RRL) within an application aware firewall by have the firewall do almost of all of the work of your DNS server. 

The 'application-aware firewall' will collapse from state-table exhaustion, however, so this likely isn't a very good idea.

;>

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton




More information about the dns-operations mailing list