Why Nostr?What is Njump?
Tristan Brice Velloza Kildaire
npub16c2…xaj2
2024-02-17 22:43:39

Tristan Brice Velloza Kildaire on Nostr: Been playing around with configuring my future authoritative name server and ...

Been playing around with configuring my future authoritative name server and recursive resolver using Unbound!

I've always found the discrepency, in network services, to report failures but also remain stable against forms of abuse. By this I mean, should you report when a subnet or host is unreachable via a an "ICMP Destination Network Prohibited" or not - what if you receive so much traffic that you end go transmitting a load of errors. Never mind amplification attacks that can be done with connectionless protocols like (in this case ICMP).

A same sort of possibility is there for DNS (when using UDP at least). Below are the two options to refuse anyone in my allocated subnet access to the resolver (only authoritative zone data can be queried).

One wants to remain secure against attacks but at the same time, useful network reporting is helpful.

#unbound #DNS #networking #linux




Author Public Key
npub16c2fsg7fp3yxte9ugd9yhcdpa68h924asv5d6pvm5nc37a3nkzmqd2xaj2