To:
mohta@necom830.hpcl.titech.ac.jp (Masataka Ohta)
Cc:
dnsop@cafax.se
From:
Ted Hardie <Ted.Hardie@nominum.com>
Date:
Tue, 29 Oct 2002 09:42:40 -0800 (PST)
In-Reply-To:
<200210291216.VAA16597@necom830.hpcl.titech.ac.jp> from "Masataka Ohta" at Oct 29, 2002 09:16:38 PM
Reply-to:
Ted.Hardie@nominum.com
Sender:
owner-dnsop@cafax.se
Subject:
Re: DoS and anycast
> > Isn't prevention of DoS attack on root servers a good enough reason > to deploy anycast? > > Masataka Ohta No. Deploying anycast services (outside the RFC-1930 compliant methods currently in use) lessens the effect of a DoS attack, but at the cost of risking the integrity of the data provided by the service. Once the data is adequately protected against that risk, deploying anycast (or "side-band delivery" or any other funky method of passing the bits around) is fine. regards, Ted Hardie #---------------------------------------------------------------------- # To unsubscribe, send a message to <dnsop-request@cafax.se>.