On 18/08/2019 04:14, Mike wrote:
> I wanted to point out that I observed the same thing occurring
> against my PowerDNS resolvers - I would get a low rate of TCP SYNs in
> to port 53, the resolver would attempt to SYN-ACK these several times
> without success, and then a new SYN would come in, starting the process
> over again, so there is a small gain in amplification here but not like
> ssdp or memcached for example.

Thank you, that's very useful information.
How low is "low rate" - that is, typically how many sockets are in
SYN_RECV state?
I am wondering if there would be any benefit trying to enable SYN
cookies with a low threshold (esp. on authoritative servers where you
can't block by source IP)