Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re:Multiple DNS feature? (Score 2) 348

That's sounds very much like the default behaviour of ISC's bind, up until version 9.6 https://www.isc.org/software/bind/new-features/9.6

Randomize server selection on queries As a security improvement to make forgery a little more difficult, BIND 9.6 now attempts to make the order of the server selection for queries less predictable. Previously, BIND would prefer to query the server with the lowest round trip time (RTT). Now servers that haven't been tried yet have their RTT set to a random value between 0 ms and 7 ms. And the RTT values of servers which have been tried are now randomly changed up to 128 ms.

This algorithm also applies to DNS servers specified with the "forwarders" clause. A local bind installation with the ISP's and Google's DNS servers configured as forwarders would do what you want. The OS and applications would then be configured to use the local DNS server.

Comment Re:Large-scale NAT in Qatar (Score 1) 320

Is there a future in preventing abuse by blocking IP addresses? In IPv6, each end user might have control over 2^64 IP addresses. Blocking individual addresses won't scale, and blocking entire /64s will risk the same affect of blocking innocent bystanders. I can't see how sites like Wikipedia and the RBLs will be able to scale their blacklists to these numbers of addresses cost effectively.

Slashdot Top Deals

Vax Vobiscum