Wouldn't an ANY query to a recursive ONLY return the cached records? On Sun, Jun 10, 2012 at 11:26 AM, <sth...@nethelp.no> wrote: >> "Not supporting" >> ANY queries would also have side effects - simply dropping the >> query maks the authoritative server appear unresponsive to the >> recursive server initiating the query. > > Note that in many cases the server receiving the ANY query is a > recursive server, not an authoritative server. > > For instance, the ISP I work for runs several recursive servers. Those > recursive servers are only available to the ISP's customers. Even so, > those recursive servers are contributing to DDoS attacks - because so > many of the *clients* are either CPEs with a DNS proxy open from the > WAN side, or customers' general open recursive servers which use the > ISP recursive servers as forwarders. > > Steinar Haug, Nethelp consulting, sth...@nethelp.no > _______________________________________________ > dns-operations mailing list > dns-operations@lists.dns-oarc.net > https://lists.dns-oarc.net/mailman/listinfo/dns-operations > dns-jobs mailing list > https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
-- Kyle Creyts Information Assurance Professional BSidesDetroit Organizer _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
