In article <[email protected]>, pangj <[email protected]> wrote:
> I have read the document of redbarn RRL for BIND and this NSD RRL:
> https://www.nlnetlabs.nl/blog/2012/10/11/nsd-ratelimit/
>
> I have a question that, since the DDoS to DNS are coming from spoofed
> IPs. But RRL is working based on source IP. So how can it stop the real
> life attack?

You're thinking that the rate limit is intended to protect YOUR server. It's actually to prevent your server from being used as a reflector to attack some OTHER server. The spoofed addresses all point to that server.

-- 
Barry Margolin
Arlington, MA
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
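An added illustration of the reply's point (not code from this thread, BIND or NSD): a simplified per-netblock response limiter run over constructed traffic. Because every spoofed query claims the victim's address, they all fall into one bucket, so the responses reflected at the victim are capped while an unrelated resolver is unaffected. The rate, the /24 grouping, the fixed one-second window and the addresses are assumptions.

```python
import ipaddress
from collections import defaultdict

RATE = 5      # assumed: responses per second allowed per client netblock
PREFIX = 24   # assumed: IPv4 prefix length used to group clients

class ResponseRateLimiter:
    """Simplified model: per-netblock budget that resets every second."""
    def __init__(self, rate=RATE, prefix=PREFIX):
        self.rate, self.prefix = rate, prefix
        self.state = {}  # netblock -> (second last seen, responses left)

    def allow(self, src_ip, now):
        # The key is the CLAIMED source, which for spoofed traffic is the victim.
        block = ipaddress.ip_network(f"{src_ip}/{self.prefix}", strict=False)
        second = int(now)
        last, left = self.state.get(block, (second, self.rate))
        if second != last:
            left = self.rate          # new second: refill the budget
        allowed = left > 0
        self.state[block] = (second, left - 1 if allowed else 0)
        return allowed

def simulate(queries, limiter):
    """queries: (timestamp, claimed source IP). Returns responses sent per source."""
    sent = defaultdict(int)
    for ts, src in queries:
        if limiter.allow(src, ts):
            sent[src] += 1
    return dict(sent)

# Constructed sample traffic (documentation address ranges).
VICTIM = "192.0.2.10"       # address forged into the spoofed queries
RESOLVER = "198.51.100.7"   # ordinary client in a different netblock

def sample_queries(seconds=10):
    q = []
    for s in range(seconds):
        q += [(s + i / 1000, VICTIM) for i in range(1000)]   # 1000 spoofed q/s
        q += [(s + 0.25, RESOLVER), (s + 0.75, RESOLVER)]    # 2 genuine q/s
    return sorted(q)

def run():
    return simulate(sample_queries(), ResponseRateLimiter())

if __name__ == "__main__":
    for src, count in run().items():
        print(f"{src}: {count} responses sent")
```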

