Name server proxies (Was: Re: [SURBL-Discuss]

Raymond Dijkxhoorn raymond at
Sat Apr 17 03:10:50 CEST 2004


> As one can have multiple NS entries for a zone, DNS has some degree of 
> built in diversity limiting the impact of a box being dead or 
> unavailable for a period of time. My server is not dependent upon Bill 
> Stearns' being up, only that I can continue to rsync frequently for 
> updates, and even if I can't rsync, I can still serve whatever I last 
> grabbed.
> As long as you have sufficient variation in your name servers registered 
> with the root name servers, anyone wanting to DDOS SURBL would have to 
> hit a large number of boxes.

That, combined with views in the rootservers for the domain can 
be nice to have. Like Clamav mirrors currently work. Depending on the 
source IP you get a set op nameservers listed. Based mostly on geographic 


