Carview!

CARVIEW

MOTORHOMES

Select Language

HTTP/2 301 date: Fri, 01 Aug 2025 11:28:59 GMT content-type: text/html content-length: 167 location: https://datatracker.ietf.org/doc/html/bcp140 cache-control: max-age=3600 expires: Fri, 01 Aug 2025 12:28:59 GMT set-cookie: __cf_bm=Je1kH.7NukKZbyiTXds6HqWSPOwbS9zxDLArPiM6v_E-1754047739-1.0.1.1-0Ozpvs6Wy898M18n2ABQDKeGWM7IYXxDDzdDll0qVfL5wd6q45h_sRxCsJi5h4GOfclchjJKA7v5sdb4Ylrj7UVlofrhxIsZBHD3Bo06.gY; path=/; expires=Fri, 01-Aug-25 11:58:59 GMT; domain=.ietf.org; HttpOnly; Secure; SameSite=None vary: Accept-Encoding x-robots-tag: noindex, nofollow server: cloudflare cf-ray: 9684fec1e934b22e-BLR alt-svc: h3=":443"; ma=86400 HTTP/2 302 date: Fri, 01 Aug 2025 11:29:00 GMT content-type: text/html; charset=utf-8 location: https://www.rfc-editor.org/info/bcp140 content-security-policy: default-src 'self' 'unsafe-inline' data: https://datatracker.ietf.org/ https://www.ietf.org/ https://ietf.org/ https://analytics.ietf.org https://static.ietf.org; frame-ancestors 'self' ietf.org *.ietf.org meetecho.com *.meetecho.com cross-origin-opener-policy: unsafe-none referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=3600; includeSubDomains vary: Cookie, Accept-Encoding x-content-type-options: nosniff x-frame-options: SAMEORIGIN cf-cache-status: EXPIRED expires: Fri, 01 Aug 2025 15:29:00 GMT cache-control: public, max-age=14400 server: cloudflare cf-ray: 9684fec22d4e8839-BLR alt-svc: h3=":443"; ma=86400 HTTP/2 200 date: Fri, 01 Aug 2025 11:29:01 GMT content-type: text/html; charset=UTF-8 content-encoding: gzip vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff cf-cache-status: DYNAMIC set-cookie: __cf_bm=FNMAzi1nDomgOR7slulPXwTUgxILTSl5MoFUokliKb4-1754047741-1.0.1.1-cXNDo4e0hcsvz.YcM3t4H1OiDMG1WHCiGMJktadOVxDFUqdlpUei0P9SE6NSzsT28UrRKaljscj0DtWXDijOv.TmQWLrBM3k5zgpwOmCZrE; path=/; expires=Fri, 01-Aug-25 11:59:01 GMT; domain=.rfc-editor.org; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 9684fec73f1f6cd6-BLR alt-svc: h3=":443"; ma=86400 Information on BCP 140 » RFC Editor

BCP 140

RFC 5358

Preventing Use of Recursive Nameservers in Reflector Attacks, October 2008

File formats:
Status:: BEST CURRENT PRACTICE
Authors:: J. Damas
F. Neves
Stream:: IETF
Source:: dnsop (ops)

Cite this BCP: TXT | XML

Discuss this RFC: Send questions or comments to the mailing list iesg@ietf.org

Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC

Abstract

This document describes ways to prevent the use of default configured recursive nameservers as reflectors in Denial of Service (DoS) attacks. It provides recommended configuration as measures to mitigate the attack. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.

Original Source | Taken Source

Search RFCs

RFC Editor

BCP 140

RFC 5358

Preventing Use of Recursive Nameservers in Reflector Attacks, October 2008

Abstract