Reporting DDOS reflection attacks

Roland Dobbins rdobbins at
Sun Nov 9 02:33:06 UTC 2014

On 9 Nov 2014, at 6:46, Yardiel D. Fuentes wrote:


There are some good general recommendations in this document (Word 
format?  Really?), but this is incorrect and harmful, and should be 

	iii.	Consider dropping any DNS reply packets which are larger than 512 
Bytes – these are commonly found in DNS DoS Amplification attacks.

This *breaks the Internet*.  Don't do it.

Roland Dobbins <rdobbins at>
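
An illustration of the rule quoted above, added here and not part of the original post: with EDNS0 (RFC 6891) a complete, untruncated DNS reply over UDP can legitimately exceed 512 bytes, so a size-only filter drops it. The packets are constructed for the example, and `example.test`, `build_reply`, `inspect` and `size_rule_drops` are names chosen for this sketch.

```python
import struct

def qname(name):
    # Encode a domain name as length-prefixed labels.
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"

def build_reply(n_txt, edns=True):
    # Constructed DNS response for "example.test" TXT with n_txt answers.
    flags = 0x8180  # QR=1, RD=1, RA=1, TC=0, RCODE=0
    hdr = struct.pack("!6H", 0x1234, flags, 1, n_txt, 0, 1 if edns else 0)
    question = qname("example.test") + struct.pack("!2H", 16, 1)
    txt = b"\x64" + b"k" * 100  # one 100-byte character-string
    # Owner name is a compression pointer to offset 12 (the question name).
    rr = b"\xc0\x0c" + struct.pack("!2HIH", 16, 1, 300, len(txt)) + txt
    # OPT pseudo-RR: root name, TYPE 41, CLASS = UDP payload size, RDLEN 0.
    opt = b"\x00" + struct.pack("!2HIH", 41, 4096, 0, 0) if edns else b""
    return hdr + question + rr * n_txt + opt

def skip_name(pkt, off):
    # Advance past a name made of labels and/or ending in a pointer.
    while True:
        n = pkt[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:
            return off + 2
        off += 1 + n

def inspect(pkt):
    # Return (size, truncated flag, EDNS payload size or None) for a reply.
    _, flags, qd, an, ns, ar = struct.unpack("!6H", pkt[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(pkt, off) + 4
    edns = None
    for _ in range(an + ns + ar):
        off = skip_name(pkt, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!2HIH", pkt[off:off + 10])
        if rtype == 41:  # OPT: CLASS field carries the UDP payload size
            edns = rclass
        off += 10 + rdlen
    return len(pkt), bool(flags & 0x0200), edns

def size_rule_drops(pkt, limit=512):
    # The rule quoted in the post: drop any reply larger than 512 bytes.
    return len(pkt) > limit
```
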
