about DNS RRL
pangj at riseup.net
pangj at riseup.net
Wed Oct 17 13:32:59 UTC 2012
> In article <mailman.424.1350461867.11945.bind-users at lists.isc.org>,
> pangj <pangj at riseup.net> wrote:
>
>> I have read the document of redbarn RRL for BIND and this NSD RRL:
>> https://www.nlnetlabs.nl/blog/2012/10/11/nsd-ratelimit/
>>
>> I have a question that, since the DDoS to DNS are coming from spoofed
>> IPs. But RRL is working based on source IP. So how can it stop the real
>> life attack?
>
> You're thinking that the rate limit is intended to protect YOUR server.
> It's actually to prevent your server from being used as a reflector to
> attack some OTHER server. The spoofed addresses all point to that
> server.
>
>
Sorry I just can't understand that why my server is being used to attack
other's servers?
More information about the bind-users
mailing list