[dns-operations] tcp queries
frank at opendns.com
Tue Oct 16 03:27:54 UTC 2012
On Oct 15, 2012, at 8:22 PM, pangj <pangj at riseup.net> wrote:
> does it have the feature of answering back with truncate message? or just drop the packet when the limit is reached? thanks.
There is a mechanism that can answer some legitimate
requests from a client whose address is being forged in a flood.
Setting <command>slip</command> to 2 (its default) causes every
other UDP request to be answered with a small response
claiming that the response would have been truncated.
The small size and relative infrequency of the response make
it unattractive for abuse of third parties.
<command>slip</command> must be between 0 and 10.
0 disables the mechanism.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dns-operations