I spent some time reviewing this document and I have one point I would like some clarification on, is there any supporting documentation that outlines recommendations on how a recursive server can identify expected clients?
"Operators of recursive servers are advised to ensure that they only accept connections from expected clients, and do not accept them from unknown sources. In the case of UDP traffic, this will help protect against reflector attacks [RFC5358 <https://tools.ietf.org/html/rfc5358>] and in the case of TCP traffic it will prevent an unknown client from exhausting the server's limits on the number of concurrent connections.² Thanks, Gowri On 10/9/15, 3:21 PM, "Tim Wicinski" <[email protected]> wrote: > >I've spent some time reviewing this document and I feel that all the >outstanding issues have been addressed, and the document is very well >put together. This is ready for the next step. > >This starts a Working Group Last Call for draft-ietf-dnsop-5966bis > >Current versions of the draft is available here: > >https://datatracker.ietf.org/doc/draft-ietf-dnsop-5966bis/ > >Please review the draft and offer relevant comments. Also, if someone >feels the document is *not* ready for publication, please speak out with >your reasons. > >This starts a two week Working Group Last Call process, and ends on >20:00 UTC 23 October 2015. > >thanks >tim > >_______________________________________________ >DNSOP mailing list >[email protected] >https://www.ietf.org/mailman/listinfo/dnsop _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
