Patrick W. Gilmore <[email protected]> wrote: > On Feb 07, 2014, at 07:09 , Tony Finch <[email protected]> wrote: > > > > If my busy name server is getting 1000 qps of real traffic from all over > > the net, and 1000 qps of attack traffic "from" some victim, then RRL will > > attenuate responses to the victim without affecting other users. > > > > In the absence of RRL, the victim will be denied service by overwhelming > > traffic. In the presence of RRL the victim might have slightly slower DNS > > resolution. > > Not just the victim.
What not just the victim? In the absence of RRL the DDoS attack is likely to cause collateral damage, yes. In the presence of RRL non-victims are unaffected as long as the attack isn't overwhelming the name server. Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first. Rough, becoming slight or moderate. Showers, rain at first. Moderate or good, occasionally poor at first. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
