[dns-operations] A dns-proxy for DNS over HTTP(s)

Roland Dobbins rdobbins at arbor.net
Wed Aug 26 10:01:02 UTC 2015

On 26 Aug 2015, at 2:31, Ralf Weber wrote:

> I don't think this is the case any more.

Nothing much has changed, from the defender's standpoint.  DNS 
reflection/amplification attacks are as prevalent  and effective as 
ever; it's just that SSDP, ntp, and others are even more popular.

> DNS server scale to million of requests per second on normal hardware 
> I have not yet heard of a web server scaling to that.

Concur 100%.

Nobody is thinking about this with QUIC/HTTP 2, and it looks as if 
nobody (except us, heh) is thinking about this with the DNS, either.

Roland Dobbins <rdobbins at arbor.net>

More information about the dns-operations mailing list