On 2014-01-22 00:43, Steven Carr wrote:
Well they probably are being subjected to DDoS all the time, but Google uses their own DNS implementation so more than likely they have written in functionality to rate-limit and block specific clients/requests. They also have a lot of bandwidth and they have a lot of servers, using Anycast for distribution. http://en.wikipedia.org/wiki/Google_Public_DNS
The fact that they're using anycast possibly helps their code detect DDoS attempts too; if their anycast farm in India receives a request "from" an IP in the US with half a dozen closer anycast farms/points, it can potentially assume that that query is part of an attack and rate limit much more drastically than is normally done.
-- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren The cigarette does the smoking, you're just the sucker. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users