DNS DOS increasing?

James Smith jsmith at PRESIDIO.com
Mon Jan 21 15:07:32 UTC 2002

 I've seen DOS-type behavior where a client will query a resolver for a
 name that doesn't exist, and the client does not accept the answer that
 the name does not exist and immediately sends another query, regardless
 of whether or not the resolver declared itself authoritative for the
 negative answer.


  Get ready for more DOS-like behavior as systems get deployed that have 10
second TTLs in the DNS. These systems are used to provide multi-ISP
redundancy by pinging each upstream's router, and when a ping fails, start
giving out a DNS response using the other ISP IP range. Same FQDN, new IP.

  This of course is driven by the desire for redundancy in small businesses
who make the Internet an integral part of their business plan. Either they
can't get PI space and don't have (or don't want to spend) the $$$ to do
BGP, or are unable to convince their upstream to cut a hole in their CIDR
block and allow a 2nd party to announce that chunk (which for some is as
small as /28).

James H. Smith II  NNCDS NNCSE
Systems Engineer
The Presidio Corporation
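An added example, not part of the original post or thread: a resolver-side check for the first behavior described above, clients that keep re-asking for a name immediately after receiving a negative answer. The log format and all addresses and names are constructed for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample resolver log (assumed format, not from the post): one
# line per answered query with the client, the queried name and the rcode.
SAMPLE_LOG = """\
2002-01-21T15:00:00 client 10.0.0.5 query nosuch.example.com rcode NXDOMAIN
2002-01-21T15:00:00 client 10.0.0.5 query nosuch.example.com rcode NXDOMAIN
2002-01-21T15:00:01 client 10.0.0.5 query nosuch.example.com rcode NXDOMAIN
2002-01-21T15:00:01 client 10.0.0.5 query nosuch.example.com rcode NXDOMAIN
2002-01-21T15:00:02 client 10.0.0.9 query www.example.com rcode NOERROR
2002-01-21T15:00:30 client 10.0.0.9 query typo.example.com rcode NXDOMAIN
2002-01-21T15:05:00 client 10.0.0.9 query typo.example.com rcode NXDOMAIN
"""

LINE_RE = re.compile(r"^(\S+) client (\S+) query (\S+) rcode (\S+)$")


def parse_log(text):
    """Yield (timestamp, client, qname, rcode); malformed lines are skipped."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts, client, qname, rcode = m.groups()
        yield datetime.fromisoformat(ts), client, qname.lower(), rcode


def find_nxdomain_loops(text, window_seconds=5, min_repeats=3):
    """Return {(client, qname): count} for clients that re-ask the same name
    after NXDOMAIN at least min_repeats times inside a sliding window.
    A well-behaved stub caches the negative answer, so tight repeats are the
    'does not accept the answer' pattern rather than ordinary typo traffic."""
    history = defaultdict(list)   # (client, qname) -> recent NXDOMAIN times
    flagged = {}
    window = timedelta(seconds=window_seconds)
    for ts, client, qname, rcode in parse_log(text):
        if rcode != "NXDOMAIN":
            continue
        key = (client, qname)
        recent = [t for t in history[key] if ts - t <= window]
        recent.append(ts)
        history[key] = recent
        if len(recent) >= min_repeats:
            flagged[key] = max(flagged.get(key, 0), len(recent))
    return flagged


if __name__ == "__main__":
    for (client, qname), n in find_nxdomain_loops(SAMPLE_LOG).items():
        print(f"{client} re-queried {qname} {n} times after NXDOMAIN")
```

The second client's two NXDOMAIN answers for typo.example.com are minutes apart and are not flagged, which is the distinction a per-client rate limit on negative answers would also need to make.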
