[dns-operations] Always replying to UDP requests with TC=1, good practice or not

Mankin, Allison amankin at verisign.com
Sun Oct 18 20:09:27 UTC 2015


Hi Paul,

i think you mean TC=1.

this supposed anti-ddos behaviour is, i heard from somewhere, patented. at
least, there's a variant where the first UDP query get TC=1 and only after the
client demonstrates that they heard your TC=1 and properly followed up with a
TCP transaction, is UDP answered normally. that variant is, i think, patented.

This Riverhead patent, maybe?

https://patentimages.storage.googleapis.com/pdfs/US6907525.pdf


Paul
_______________________________________________
dns-operations mailing list
dns-operations at lists.dns-oarc.net<mailto:dns-operations at lists.dns-oarc.net>
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20151018/21b3564e/attachment.html>


More information about the dns-operations mailing list