[dns-operations] solutions for DDoS mitigation of DNS
Davey Song
songlinjian at gmail.com
Thu Apr 2 11:19:42 UTC 2020
But Tessa Plum are asking for help when they were under attack with a lot
of UDP requests flooding to the servers.
When a patient with flu asking for help, but his doctor only suggest him to
mask himself avoid he inffectiing others. Wearing masks is generally good
for public but not a cure for that patient.
Given 20Gbps attack, not a huge one, I still think sharing the load among
multiple servers make sense. If possible, some advanced anti-ddos
techniques are available. There is no cost-free solution for DoS.
Davey
On Thu, 2 Apr 2020 at 18:22, Ray Bellis <ray at isc.org> wrote:
>
> The OP described a spoofed-source amplification attack.
>
> They are not the "victim", but the unwilling participant.
>
> RRL is the correct solution for this class of attack.
>
> Ray
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20200402/6a77e688/attachment.html>
More information about the dns-operations
mailing list