BIND this easy to DOS? (nobody?)

Paul Vixie paul at vix.com
Sun Jan 15 23:27:17 UTC 2006


# 	How long are you willing to wait for external DNS to start
# 	working after the broken link connecting you to the rest to
# 	the world comes up?

i think suppressing all queries toward a server that hasn't answered,
for 10 minutes after it has missed all retries started from a transaction,
would be just about right.  every 10 minutes, some client would have to
wait for our SERVFAIL while we tried again.


More information about the bind-workers mailing list