I have read the document of redbarn RRL for BIND and this NSD RRL: https://www.nlnetlabs.nl/blog/2012/10/11/nsd-ratelimit/
I have a question that, since the DDoS to DNS are coming from spoofed IPs. But RRL is working based on source IP. So how can it stop the real life attack?
Thanks. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users