[dns-operations] solutions for DDoS mitigation of DNS

Tessa Plum tessa at plum.ovh
Thu Apr 2 12:54:41 UTC 2020


On 2020/4/2 5:39 下午, Ray Bellis wrote:
> If it's an authoritative server, turn on Response Rate Limiting (RRL) if
> it's BIND, or the equivalent feature if is isn't.

Yes they are authoritative servers.
Does RRL work based on IP addr? but the requesting IP seems spoofed.

Thanks
Tessa


More information about the dns-operations mailing list