Tom <tomtux...@gmail.com> wrote: > > If I set the "responses-per-second 5;" and the "window 30;", then begin > flooding (the responses are correctly dropped), then stop flooding, then > querying the nameserver from the same source for the same RR, I'll get > immediately the right answer. > > Any explanations for this behavior?
Try more than once - you are probably seeing the effect of the "slip" setting, which is supposed to allow legitimate clients to get answers even when they are being spoofed by a DDoS attack. Also, if you are using DiG then to see the proper effect you'll want to set the +ignore +tries=1 options (and maybe +timeout=1). Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ - I xn--zr8h punycode Fair Isle, Faeroes, Southeast Iceland: Southeasterly 6 to gale 8, occasionally severe gale 9, except in Faeroes. Rough or very rough, occasionally high in Faeroes and Southeast Iceland. Occasional rain. Good, occasionally poor. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
