Re: [Dnsmasq-discuss] strategies to mitigate DNS amplification attacks in ISP network

Doesn't DNSCrypt https://dnscrypt.org solve the same problem ? Lonnie On Dec 2, 2015, at 3:21 AM, Dave Taht wrote: > DNS cookies look kind of interesting... > > > -- Forwarded message -- > From: Mark Andrews > Date: Wed, Dec 2, 2015 at

Re: [Dnsmasq-discuss] Becoming authoritative DNS for additional netblock

On 2015-12-02 00:50, Albert ARIBAUD wrote: > Hi "A C", > > Le Wed, 2 Dec 2015 00:00:06 -0800 > A C a écrit: > >>> I infer that what you have in your working config is not >>> >>> server=/vpn.example.com/10.0.0.140 >>> local=/vpn.example.com/ >>> >>> as indicated above,

[Dnsmasq-discuss] [PATCH] Flush dynamic configuration on reload and discard DHCPv6 options on SIGHUP

Reload configuration from dynamic configuration files when they're modified, but not before flushing old configuration loaded from the same place.This behavioral change affects options --dhcp-hostsdir, --dhcp-optsdir and --hostsdir. Discard DHCPv6 options on SIGHUP before reloading them from

Re: [Dnsmasq-discuss] [PATCH] Treat records signed using unknown algorithms as unsigned instead of bogus

On 25/11/15 07:40, Michał Kępień wrote: >> Caveat. I'm not sure what the answer is. I'm certainly not arguing for a >> fixed interpretation, not even the current behaviour of dnsmasq, and I'm >> trying to understand what the correct behaviour should be. As always, >> I'm terrified of breaking

Re: [Dnsmasq-discuss] how can i make cache_size more than 10000

Hi "cochen", Le Wed, 2 Dec 2015 14:31:13 +0800 (CST) cochen a écrit: > Hello everyone, > When i use command " kill -s SIGUSR1 `cat /var/run/dnsmasq.pid`", > the output in log as below: Dec 2 14:23:48 dnsmasq[22548]: cache > size 1, 22230/42649 cache insertions

Re: [Dnsmasq-discuss] Becoming authoritative DNS for additional netblock

Hi "A C", Le Tue, 1 Dec 2015 22:46:40 -0800 A C a écrit: > On 2015-12-01 22:22, Albert ARIBAUD wrote: > > Hi "A C", > > > > Cc:ing Simon in case the problem is indeed a weird dependency of > > "server=" on "local=" -- or to ascertain it doesn't. > > > > Le Tue, 1 Dec 2015

Re: [Dnsmasq-discuss] Becoming authoritative DNS for additional netblock

On 2015-12-01 23:43, Albert ARIBAUD wrote: > Hi "A C", > > Le Tue, 1 Dec 2015 22:46:40 -0800 > A C a écrit: > >> On 2015-12-01 22:22, Albert ARIBAUD wrote: >>> Hi "A C", >>> >>> Cc:ing Simon in case the problem is indeed a weird dependency of >>> "server=" on "local=" -- or to

Re: [Dnsmasq-discuss] Becoming authoritative DNS for additional netblock

Hi "A C", Le Wed, 2 Dec 2015 00:00:06 -0800 A C a écrit: > > I infer that what you have in your working config is not > > > > server=/vpn.example.com/10.0.0.140 > > local=/vpn.example.com/ > > > > as indicated above, but actually > > > >

[Dnsmasq-discuss] Fwd: strategies to mitigate DNS amplification attacks in ISP network

DNS cookies look kind of interesting... -- Forwarded message -- From: Mark Andrews Date: Wed, Dec 2, 2015 at 1:39 AM Subject: Re: strategies to mitigate DNS amplification attacks in ISP network To: Michael Hare Cc: "na...@nanog.org"