[Bloat] Educate colleges on tcp vs udp
Erik Auerswald
auerswal at unix-ag.uni-kl.de
Wed May 26 23:11:41 EDT 2021
Hi Mark,
On 27.05.21 00:44, Mark Andrews wrote:
>> On 24 May 2021, at 04:47, Erik Auerswald <auerswal at unix-ag.uni-kl.de> wrote:
>> Especially if the response needs to be larger than the request,
>> e.g., with DNS, a response rate limit should be applied.
>
> DNS supports authentication of clients, be it DNS COOKIE, TSIG or
> SIG(0). If your DNS clients are not using one of these you should
> contact the vendor and request a update.
Most modern DNS server software, including ISC's BIND, implements
response rate limiting.
Thanks,
Erik
More information about the Bloat
mailing list