queries with no RD bit set are truncating
Mark Andrews
marka at isc.org
Wed Jun 17 00:23:55 UTC 2009
In message <f45e198a0906160333i6bc560cdke1cbc29175cd7411 at mail.gmail.com>, Peter
Andreev writes:
> Kevin, this server is totally non-recursive. Neither recurse option is
> enabled and packet size does not exceed 512 byte. May be it was some
> temporarly bugs due to mysterious causes.
I suspect someone has modified the server to mitigate it
being used in a amplification attack. By returning TC you
force TCP and all real iterative resolvers should handle
that. Spoofed sources won't see the reply.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list