On 06/13/2013 02:01 PM, Ronald F. Guilmette wrote:
The entire problem is fundamentally a result of the introduction of EDNS0.
Wwouldn't you agree?
No. You can still get pretty good amplification with 512 byte responses.
There are 2 causes of this problem, lack of BCP 38, and improperly
secured (read, "open") resolvers. The first requires operator education,
and in a non-trivial number of cases requires operators to act against
their own interests. Thus, the problem remains unsolved 13 years later.
The latter problem also requires operator education, but is more likely
to be solvable.
There is no quick fix.
Doug
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
