In article <mailman.424.1350461867.11945.bind-us...@lists.isc.org>, pangj <pa...@riseup.net> wrote:
> I have read the document of redbarn RRL for BIND and this NSD RRL: > https://www.nlnetlabs.nl/blog/2012/10/11/nsd-ratelimit/ > > I have a question that, since the DDoS to DNS are coming from spoofed > IPs. But RRL is working based on source IP. So how can it stop the real > life attack? You're thinking that the rate limit is intended to protect YOUR server. It's actually to prevent your server from being used as a reflector to attack some OTHER server. The spoofed addresses all point to that server. -- Barry Margolin Arlington, MA _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
