Akamai DNS Issue?
Mark Radabaugh
mark at amplex.net
Wed Jun 16 14:13:47 UTC 2004
> Workarounds and defences already exist, and have been in use for a long
> time.
<long list removed>
> Failures in master servers can be mitigated by having several of them;
> simultaneous failure of all master servers can be managed to some
> degree using appropriate SOA timers, so that slave servers provide
> coverage while master servers are brought back into service.
>
> Different styles of attack can be mitigated by different DNS hosting
> strategies. A robustly-hosted zone will have an NS set that exhibits
> several or all of these approaches (and others too).
>
> The hosting of the root zone provides guidance, here.
>
>
> Joe
>
But you don't say how to avoid failures caused by massive confusion when
maintaining a excessively complicated system....
Mark
More information about the NANOG
mailing list