[Devel] asynchronous DNS
Klaus Darilion
klaus.mailinglists at pernau.at
Thu Oct 12 14:46:23 CEST 2006
Olle E Johansson wrote:
>
> 12 okt 2006 kl. 11.30 skrev Klaus Darilion:
>
>> Hi!
>>
>> Are there any plans for including an asynchronous DNS resolver into
>> openser? It still bothers me that openser is vulnerable to DNS based
>> DoS attackes (lame delegations (SERVFAIL )are not cached in the
>> resolving DNS server).
>
> We have the same problem in Asterisk and needs to do something. I've
> looked at the ARES or C-ARES libraries. These
> are the libraries also used by reciprocate.
I'm currently going to the bind sources. There is a feature "lame-ttl"
to cache lame name servers. Although I created several lame delegations
bind never caches them :-(
My idea is to solve this at the recursive name server - then it works
with Asterisk too :-)
regards
klaus
More information about the Devel
mailing list