The DDOS attack on DYN & RRL ?
Dave Warren
davew at hireahit.com
Fri Nov 4 04:28:47 UTC 2016
On Tue, Nov 1, 2016, at 07:45, Ben Croswell wrote:
> The other option being having a master owned by your company and then
> setting both external providers to secondary from your master. You to
> maintain control over data and hqve diversity.
I use this approach here, it's proven to be very robust. Not only is the
internal master well hidden to all but the secondaries, but if it does
get directly targeted by a DDoS it won't impact your slaves at all.
Obviously if your company is the target there probably isn't much you
can do unless you have a very substantial anti-DDoS budget, but in the
case of a DNS neighbour being the target, diversifying your DNS across
2-3 larger providers will ensure that you stay up.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20161103/30bceae6/attachment.html>
More information about the bind-users
mailing list