On Wed, Mar 6, 2013 Vernon Schryver wrote: ... > A few recursive servers such as those at 8.8.8.8 apparently want to > attract requests from the whole Internet. I agree that most recursive > servers should know their client bases by IP address or authenticating > token, but in practice that has problems. Many organizations want > their users to send DNS requests to their recursive servers from any > hotel, airport, customer site, etc. That wrecks limits by IP address. > I know of no way to use authentication on end user computers except > by something like installing a forwarding, caching DNS server on every > end user computer.
What would be the effects on DNS infrastructure operations if for example several million Apple laptops were configured this way in a short time frame ? > No stub resolvers seem to have provisions for TSIG. mDNSresponder with DNSprivate ? _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
