[dns-operations] Does residential ISPs do rate limit on their local resolvers?

Xun Fan xunfan at outlook.com
Fri Oct 21 17:53:40 UTC 2016

Hi all,

Recently revealed "Mirai" botnet source code suggests that they can blast queries to local resolvers for DDoS attack.

I suppose the local resolvers may see impact if a good number of IoT devices in the network got comprised and there is no rate limiting per source.

In addition, it can also cause damage on the authoritative name servers if the attack is targeting a specific domain.

So just out of curiosity, is it prevailing that the residential ISPs do rate limit on their local resolvers (per source preferably) ?

Public DNS resolvers seem to do that, i.e., but it will be helpful if ISPs do it too.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20161021/df0879e2/attachment.html>

More information about the dns-operations mailing list