DNS hardening, was Re: Dan Kaminsky
Ross Vandegrift
ross at kallisti.us
Thu Aug 6 15:26:05 UTC 2009
On Thu, Aug 06, 2009 at 03:16:25PM +0000, Paul Vixie wrote:
> > ...: "Do loadbalancers, or loadbalanced deployments, deal with this
> > properly?" (loadbalancers like F5, citrix, radware, cisco, etc...)
>
> as far as i know, no loadbalancer understands SCTP today. if they can be
> made to pass SCTP through unmodified and only do their enhanced L4 on UDP
> and TCP as they do now, all will be well. if not then a loadbalancer
> upgrade or removal will be nec'y for anyone who wants to deploy SCTP.
F5 BIG-IP 10.0 has support for load balancing SCTP. I have not tested
or implemented it. I do not know what feature parity exists with
other protocols. But at least it's documented and supported.
--
Ross Vandegrift
ross at kallisti.us
"If the fight gets hot, the songs get hotter. If the going gets tough,
the songs get tougher."
--Woody Guthrie
More information about the NANOG
mailing list