|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Internet vulnerabilities
On 04 Jul 2002 11:48:47 -0700 Paul Vixie <[email protected]> wrote: > > [email protected] (Mike Tancsa) writes: > > > ... Still, I think the softest targets are the root name servers. I was > > glad to hear at the Toronto NANOG meeting that this was being looked into > > from a routing perspective. Not sure what is being done from a DoS > > perspective. > > Now that we've seen enough years of experience from Genuity.orig, UltraDNS, > Nominum, AS112, and {F,K}.root-servers.net, we're seriously talking about > using > anycast for the root server system. This is because a DDoS isn't just > against > the servers, but against the networks leading to them. Even if we provision > for a trillion packets per second per root server, there is no way to get > the whole Internet, which is full of Other People's Networks, provisioned at > that level. Wide area anycast, dangerous though it can be, works around > that. > Is this the anycast based on MSDP ? Regards Marshall Eubanks > See www.as112.net for an example of how this might work. "More later." > -- > Paul Vixie
|