* Paul Vixie wrote: > as queries, so there is no bit-level amplification. and the packet level > replication is attenuated. this makes a DNS RRL server "less attractive" > than a directed attack, which is literally the best we can hope to > accomplish here -- the attacks will go on but our authority servers > don't have to be involved.
Exactly that's the result, I do observe. Attack(!) traffic decreased from ten Mbps to two Mbps within weeks. I do not aim for more. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
