Oct 3 – 5, 2015
Fairmont Queen Elizabeth
US/Eastern timezone

OpenDNS; Managing DDoS Attacks

Oct 4, 2015, 9:00 AM
St-Francois (Fairmont Queen Elizabeth)


Fairmont Queen Elizabeth

900 René-Lévesque Blvd W Montreal, QC H3B 4A5 Canada


Mr Brian Somers (OpenDNS, FreeBSD)


Open resolvers will always be a target for abuse either as an attack amplification point or as a mask of the attack source. This presentation discusses the measures that OpenDNS has put in place to ensure that their open resolvers contribute towards reducing or blocking DDoS attacks. It goes on to discuss future plans to identify limit or block DoS sources.



This talk discusses OpenDNS’ four main DDoS preventative measures:

  • Rate Limiting
  • The Droplist
  • The Freezelist
  • Authoritative RTT Handling

It also explores some possible future technologies:

  • TClist
  • Freezelist Thawing
  • NXDOMAIN per-level counting
  • Whitelist Labels
Please also consider this submission for the NANOG65 DNS track Yes

Primary author

Mr Brian Somers (OpenDNS, FreeBSD)

Presentation materials