On Apr 2, 2024, at 08:42, Wes Hardaker <wjh...@hardakers.net> wrote: > Do check/worry about DDoS reflections from UDP requests for DNSKEYs.
Why? Of what value is worrying about this? From what you and John says, it's pretty clear that you can't do anything effective to remediate whatever it is they are doing. Recent DDoS stats indicate that redirected DNS over UDP is no longer a significant source in real-world attacks. Short of being fodder for yet another "UDP considered harmful" discussion, why even note this? --Paul Hoffman _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
