|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Akamai DNS Issue?
> Workarounds and defences already exist, and have been in use for a long > time. <long list removed> > Failures in master servers can be mitigated by having several of them; > simultaneous failure of all master servers can be managed to some > degree using appropriate SOA timers, so that slave servers provide > coverage while master servers are brought back into service. > > Different styles of attack can be mitigated by different DNS hosting > strategies. A robustly-hosted zone will have an NS set that exhibits > several or all of these approaches (and others too). > > The hosting of the root zone provides guidance, here. > > > Joe > But you don't say how to avoid failures caused by massive confusion when maintaining a excessively complicated system.... Mark
|