I have read the document of redbarn RRL for BIND and this NSD RRL:
https://www.nlnetlabs.nl/blog/2012/10/11/nsd-ratelimit/

I have a question that, since the DDoS to DNS are coming from spoofed IPs. But RRL is working based on source IP. So how can it stop the real life attack?

Thanks.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to