Hi Mark,
On 27.05.21 00:44, Mark Andrews wrote:
On 24 May 2021, at 04:47, Erik Auerswald <auers...@unix-ag.uni-kl.de> wrote:
Especially if the response needs to be larger than the request,
e.g., with DNS, a response rate limit should be applied.
DNS supports authentication of clients, be it DNS COOKIE, TSIG or
SIG(0). If your DNS clients are not using one of these you should
contact the vendor and request a update.
Most modern DNS server software, including ISC's BIND, implements
response rate limiting.
Thanks,
Erik
_______________________________________________
Bloat mailing list
Bloat@lists.bufferbloat.net
https://lists.bufferbloat.net/listinfo/bloat
