about DNS RRL

pangj pangj at riseup.net
Wed Oct 17 08:17:41 UTC 2012


I have read the document of redbarn RRL for BIND and this NSD RRL:
https://www.nlnetlabs.nl/blog/2012/10/11/nsd-ratelimit/

I have a question that, since the DDoS to DNS are coming from spoofed 
IPs. But RRL is working based on source IP. So how can it stop the real 
life attack?

Thanks.



More information about the bind-users mailing list