>> You're thinking that the rate limit is intended to protect YOUR server.
>> It's actually to prevent your server from being used as a reflector to
>> attack some OTHER server. The spoofed addresses all point to that
>> server.
>Sorry I just can't understand that why my server is being used to
> In article ,
> pangj wrote:
>
>> I have read the document of redbarn RRL for BIND and this NSD RRL:
>> https://www.nlnetlabs.nl/blog/2012/10/11/nsd-ratelimit/
>>
>> I have a question that, since the DDoS to DNS are coming from spoofed
>> IPs. But RRL is working based on source IP. So how can it
In article ,
pangj wrote:
> I have read the document of redbarn RRL for BIND and this NSD RRL:
> https://www.nlnetlabs.nl/blog/2012/10/11/nsd-ratelimit/
>
> I have a question that, since the DDoS to DNS are coming from spoofed
> IPs. But RRL is working based on source IP. So how can it stop th
On 10/17/2012 09:17 AM, pangj wrote:
I have read the document of redbarn RRL for BIND and this NSD RRL:
https://www.nlnetlabs.nl/blog/2012/10/11/nsd-ratelimit/
I have a question that, since the DDoS to DNS are coming from spoofed
IPs. But RRL is working based on source IP. So how can it stop the
I have read the document of redbarn RRL for BIND and this NSD RRL:
https://www.nlnetlabs.nl/blog/2012/10/11/nsd-ratelimit/
I have a question that, since the DDoS to DNS are coming from spoofed
IPs. But RRL is working based on source IP. So how can it stop the real
life attack?
Thanks.
___
5 matches
Mail list logo
