[dns-operations] dns response rate limiting (DNS RRL) patch available for testing
Chris Thompson
cet1 at cam.ac.uk
Thu Jun 14 12:01:02 UTC 2012
On Jun 11 2012, Paul Vixie wrote:
>Vernon Schryver and Paul Vixie have been working on DNS Response Rate
>Limiting (DNS RRL) as a patch set to BIND9 (9.9.1-P1 or 9.8.3-P1) and we
>are ready for broader external testing.
>
>Details on how to fetch the patches and specifications are at:
>
> http://www.redbarn.org/dns/ratelimits
>
>A note for earlier private testing -- that web page now includes patched
>BIND9 Windows executables.
Just a reminder to OARC users that there is an associated mailing list, see
http://lists.redbarn.org/mailman/listinfo/ratelimits
as it is surprisingly quiet so far. Sharing experiences about configurations
might usefully be done there (always remembering that the black hats may be
listening, of course).
We have turned on rate limiting on our authoritative nameservers with
good effect.
--
Chris Thompson University of Cambridge Computing Service,
Email: cet1 at ucs.cam.ac.uk New Museums Site, Cambridge CB2 3QH,
Phone: +44 1223 334715 United Kingdom.
More information about the dns-operations
mailing list