North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: DNS DOS increasing?

  • From: Rob Evans
  • Date: Mon Jan 21 12:56:18 2002

> I'm curious to see how other OSes react to these attacks.  My guess is that
> BSD systems (such as FreeBSD and BSDi) will react similarly to the Solaris
> based on my past experience with these systems.  So I am curious too see if
> the RR record "loss" is an OS specific behaviour, especially since Redhat
> has priors in misplacing information in earlier versions of the OS.

Slightly related to that; at the RIPE meeting last week, RIPE NCC
described a DNS server testbed that they had produced, primarily to
test a new authoritative nameserver.  As an experiment, it was run with
BIND 8.2.5 on both FreeBSD and Linux.  The performance of the FreeBSD
system under bursty loads was significantly better than Linux (on the
same system?) for moderate-to-high loads.

The presentation should eventually be available under:
    http://www.ripe.net/ripe/meetings/archive/ripe-41/presentations.html#dns
(but it isn't there yet)

I'm not sure if the returned data was analysed in any depth, but Evi
Nemeth's talk at the next NANOG could be interesting if the title is
anything to go by...

Cheers,
Rob