At 08:51 PM 3/23/2005 -0500, Radu wrote:
It has been mentioned that the %{i} macro could be included in the query,
and then the server could reply with PASS/FAIL. I think this is a bad
idea, because all those queries are uncacheable, so this truly circumvents
the benefits that were designed into DNS. When the DDOS attempt does
happen, caching can really help lower the impact. It may be that I didn't
understand the proposal well enough.
Good point. I hadn't thought of that. Also, since the PASS/FAIL response
takes the same single IP datagram as a list of IPs, there is not much to be
gained.
-- Dave
************************************************************* *
* David MacQuigg, PhD * email: dmquigg-spf(_at_)yahoo(_dot_)com *
*
* IC Design Engineer * phone: USA 520-721-4583 * * *
* Analog Design Methodologies * * *
* * 9320 East Mikelyn Lane * * *
* VRS Consulting, P.C. * Tucson, Arizona 85710 *
************************************************************* *