[dns-operations] solutions for DDoS mitigation of DNS
songlinjian at gmail.com
Thu Apr 2 11:19:42 UTC 2020
But Tessa Plum are asking for help when they were under attack with a lot
of UDP requests flooding to the servers.
When a patient with flu asking for help, but his doctor only suggest him to
mask himself avoid he inffectiing others. Wearing masks is generally good
for public but not a cure for that patient.
Given 20Gbps attack, not a huge one, I still think sharing the load among
multiple servers make sense. If possible, some advanced anti-ddos
techniques are available. There is no cost-free solution for DoS.
On Thu, 2 Apr 2020 at 18:22, Ray Bellis <ray at isc.org> wrote:
> The OP described a spoofed-source amplification attack.
> They are not the "victim", but the unwilling participant.
> RRL is the correct solution for this class of attack.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dns-operations