On Thu, Jan 10, 2013 at 2:24 PM, Vernon Schryver <[email protected]> wrote:
> > thumb for reasonable response rate given query rates, but it seems like > 50% > > is in fact a good starting place. > > With slip=2 and the victim trying and retrying a total 3 times, the > probability that all of the victims responses will be dropped is > 0.5*0.5*0.5 = 0.125. That makes the probability that the victim > will get a response despite matching the DoS flood about 88%. That's > not perfect, but not bad. Thanks for correcting my math. I was thinking that the probability that the victim got a response was dependent on query rate, but of course that would only be the case if response rate was a function of responses per time interval, not responses per number of queries. It's simply a function of response rate and retry, i.e., p = 1 - (1 - (1/slip))^retries -- a much better success rate than the alternative in the midst of a flood of forged queries. Casey
_______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
