Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.protocols.dns.bind > #15924
| From | Brett Delmage <Brett@BrettDelmage.ca> |
|---|---|
| Newsgroups | comp.protocols.dns.bind |
| Subject | Re: DNS security, amplification attacks and recursion |
| Date | 2020-07-07 18:17 -0400 |
| Message-ID | <mailman.637.1594160226.942.bind-users@lists.isc.org> (permalink) |
| References | <7adcb06a-4d03-7362-6f4a-29b3fb223697@nixmagic.com> <alpine.DEB.2.20.2007071426460.21235@grey.csi.cam.ac.uk> <alpine.DEB.2.21.2007071417041.10687@pannier.local> <alpine.DEB.2.20.2007072049350.21235@grey.csi.cam.ac.uk> <alpine.DEB.2.21.2007071814520.24052@pannier.local> |
On Tue, 7 Jul 2020, Tony Finch wrote: > Brett Delmage <Brett@BrettDelmage.ca> wrote: >> On Tue, 7 Jul 2020, Tony Finch wrote: >>> >>> minimal-any yes; >> >> Why only reduce and not eliminate? > > The reason is a bit subtle. If an ANY query comes via a recursive > resolver, it is much better to give the resolver an answer so that it will > put an entry in its cache... This is a very interesting and clear explanation. Thanks for taking the time to share this Tony. TIL :-) Brett
Back to comp.protocols.dns.bind | Previous | Next | Find similar
Re: DNS security, amplification attacks and recursion Brett Delmage <Brett@BrettDelmage.ca> - 2020-07-07 18:17 -0400
csiph-web