BIND this easy to DOS? (nobody?)
paul at vix.com
Sun Jan 15 23:27:17 UTC 2006
# How long are you willing to wait for external DNS to start
# working after the broken link connecting you to the rest to
# the world comes up?
i think suppressing all queries toward a server that hasn't answered,
for 10 minutes after it has missed all retries started from a transaction,
would be just about right. every 10 minutes, some client would have to
wait for our SERVFAIL while we tried again.
More information about the bind-workers