[dns-operations] "Poorly configured DNSSEC servers at root of DDoS attacks"

Roland Dobbins rdobbins at arbor.net
Wed Sep 7 19:22:40 UTC 2016

On 7 Sep 2016, at 21:04, Tony Finch wrote:

> The authoritative servers are overloaded because there are too many 
> TCP clients.

This is a problem with busy authoritative servers generally.  The 
sysadmins often don't tune them for high-volume TCP as well as UDP; and 
IIRC, the default BIND named.conf setting for the number of simultaneous 
TCP connections is still only 100.

Roland Dobbins <rdobbins at arbor.net>

More information about the dns-operations mailing list