Hello,
a nsd user posted an interesting question:
https://open.nlnetlabs.nl/pipermail/nsd-users/2016-September/002364.html
Could we eliminate the DDoS threat by just turning off UDP?
Recursive servers I understand probably have to keep accepting them,
but authoritative servers are only intended for recursive servers to
query, so would it be safe to just drop port 53 UDP requests?
are there any experiences/opinions on that?
Andreas
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
