* Colm MacCárthaigh wrote: > On Wed, Jan 9, 2013 at 4:24 PM, Scott Brynen ><[email protected]> wrote: >> In an interesting development to this, UltraDNS are starting to REFUSE a >> UDP/ANY request on some of their name servers. > > Considering that a status=REFUSED response is exactly as large as a > TC=1 response with no answer section, is there a technical benefit to > responding with REFUSED?
Both approches does not help. The traffic generated by such small answers to spoofed queries is still sufficient to bring the target down. Be there, done that, got sued. That's why I switched to a much more aggressive "DNS dampening". _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
