To:
Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>, DNS Operations <dnsop@cafax.se>
From:
David Conrad <david.conrad@nominum.com>
Date:
Tue, 29 Oct 2002 11:47:19 -0800
In-Reply-To:
<200210291216.VAA16597@necom830.hpcl.titech.ac.jp>
Sender:
owner-dnsop@cafax.se
User-Agent:
Microsoft-Entourage/10.1.0.2006
Subject:
Re: DoS and anycast
To answer what I assume is your intended question: yes (IMHO). (Anycast does not, of course, prevent DoS attacks, it merely reduces the chances that the DoS attack will be able to make the IP address used for root DNS service unavailable to all requestors) The DoS/DDoS threat to the roots has been known for a very long time. It is crazy that more steps have not been taken to ameliorate that threat as much as possible. The fact that 9 of the 13 roots could be taken out with such a feeble attack (ICMP for $diety's sake) is simply offensive. Rgds, -drc On 10/29/02 4:16 AM, "Masataka Ohta" <mohta@necom830.hpcl.titech.ac.jp> wrote: > Isn't prevention of DoS attack on root servers a good enough reason > to deploy anycast? > > Masataka Ohta > #---------------------------------------------------------------------- > # To unsubscripbe, send a message to <dnsop-request@cafax.se>. #---------------------------------------------------------------------- # To unsubscripbe, send a message to <dnsop-request@cafax.se>.