<div dir="ltr">Usually the commercial DoS mitigation solution require you to put your service in their network, like the secondary DNS in which you have privacy concern.<div><br></div><div>Davey</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, 2 Apr 2020 at 21:15, Tessa Plum <tessa@plum.ovh> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 2020/4/2 7:09 下午, Klaus Darilion wrote:<br>
> <br>
> So my advice: use a name server which can fill your upstream bandwith <br>
> (NSD, Knot ...). And for volumetric attacks use a commercial DDoS <br>
> mitigation provider which filters your traffic (ie. buy the service from <br>
> your ISP or from a remote DDoS mitigation provider which announces your <br>
> prefixes on demand.)<br>
<br>
That's really what I am looking for.<br>
We don't mind to buy a commercial mitigation device to prevent such type <br>
of attacks.<br>
<br>
Thank you.<br>
Tessa<br>
_______________________________________________<br>
dns-operations mailing list<br>
<a href="mailto:dns-operations@lists.dns-oarc.net" target="_blank">dns-operations@lists.dns-oarc.net</a><br>
<a href="https://lists.dns-oarc.net/mailman/listinfo/dns-operations" rel="noreferrer" target="_blank">https://lists.dns-oarc.net/mailman/listinfo/dns-operations</a><br>
</blockquote></div>