[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

DNS problems to RoadRunner - tcp vs udp

Subject: DNS problems to RoadRunner - tcp vs udp
From: rdobbins at cisco.com (Roland Dobbins)
Date: Mon, 16 Jun 2008 02:11:20 +0700
In-reply-to: <[email protected]>
References: <[email protected]>

On Jun 15, 2008, at 8:02 PM, Joe Greco wrote:

> I think a real solution would be more sophisticated than this, but  
> it's a starting point.

In addition to the BCPs already mentioned by Sean and Nathan, a good  
detection/classification/traceback system plus S/RTBH can be helpful,  
and there are commercial DDoS mitigation services/scrubbers available  
from various SPs/vendors which have DNS-specific functionality, as  
well.  Blocking TCP/53 is definitely not an optimal solution, as many  
have already pointed out.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at cisco.com> // +66.83.266.6344 mobile

      History is a great teacher, but it also lies with impunity.

                    -- John Robb

References:
- DNS problems to RoadRunner - tcp vs udp
  - From: jgreco at ns.sol.net (Joe Greco)

Prev by Date: Single IP routing problems through Level3
Next by Date: Single IP routing problems through Level3
Previous by thread: DNS problems to RoadRunner - tcp vs udp
Next by thread: DNS problems to RoadRunner - tcp vs udp
Index(es):
- Date
- Thread