Security considerations
Authorization of BGPDNS requestors
- MD5 shared secret (like in OSPF)
DoS/Overloading attacks
- Can‘t be done much, BGPDNS should not fall over but provide some form of overload protection
Spoofing of requests/answers
- MD5 shared secret
- Filter 179/UDP on border router / firewall
Information leakage
- The DNS information is public anyway