On Jan 22, 2014, at 3:43 AM, Steven Carr <sjc...@gmail.com> wrote: > On 22 January 2014 05:29, LuKreme <krem...@kreme.com> wrote:
>> in the options on the master and slave DNS servers (along with any other >> specific IPs that I want to/need to allow). Given the risks in allowing >> recursion for the wilds of the Internet, how are companies like Google able >> to allow access to 8.8.8.8 and 8.8.4.4 without being used for these DDOS >> attacks? > > Well they probably are being subjected to DDoS all the time, but > Google uses their own DNS implementation so more than likely they have > written in functionality to rate-limit and block specific > clients/requests. They also have a lot of bandwidth and they have a > lot of servers, using Anycast for distribution. > http://en.wikipedia.org/wiki/Google_Public_DNS In addition to being rate-limited, blocking, etc., I'm sure the Google servers are instrumented as data collection devices and are providing data back to someone regarding what DNS is actually doing and being used for. Why else would they do it? 8-) AlanC -- Alan Clegg | +1-919-355-8851 | a...@clegg.com
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users