On Fri, Sep 28, 2012 at 1:44 AM, bert hubert <[email protected]> wrote: > On Fri, Sep 28, 2012 at 09:17:42AM +0200, Dan Luedtke wrote: >> When an IP address is blocked, we still answer to it, but only once[1]. >> Regardless of what the query is, we answer: >> >> TXT "temporary_blocked <challenge_1> <challenge_2>" > > Hmmm for authoritative servers, we might also emit a CNAME "challenge". This > would be a needless and semantically null transition, but only a bona fide > resolver will come back to follow the CNAME trail. >
Arbor has something very similar to this in their DDOS products. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
