Stopping name server abuse
Matus UHLAR - fantomas
uhlar at fantomas.sk
Mon Jun 25 15:14:50 UTC 2018
>> Am 25.06.2018 um 05:39 schrieb Paul Kosinski:
>> > Is it possible to get BIND not to respond at all, thereby causing
>> > a timeout on the query? That would perhaps reduce load more than
>> > NXDOMAIN or deleting the sone(s) would.
>On Mon, 25 Jun 2018 15:32:44 +0200
>Reindl Harald <h.reindl at thelounge.net> wrote:
>> timeouts are expensive for both sides by definition
On 25.06.18 11:04, Paul Kosinski wrote:
>How does *not* responding to a UDP query take longer for the *server*
>than responding to UDP a query? Both responding and (deliberately) not
>responding require identifying the query, but not responding bypasses
>the time the server would need to construct the response, plus time
>spent in the network stack. (I'm assuming we don't care about client
>side "expense".)
not responding server will usually receive more queries.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
- Holmes, what kind of school did you study to be a detective?
- Elementary, Watson. -- Daffy Duck & Porky Pig
More information about the bind-users
mailing list