I'm curious to see how other OSes react to these attacks. My guess is that BSD systems (such as FreeBSD and BSDi) will react similarly to the Solaris based on my past experience with these systems. So I am curious too see if the RR record "loss" is an OS specific behaviour, especially since Redhat has priors in misplacing information in earlier versions of the OS.
Slightly related to that; at the RIPE meeting last week, RIPE NCC described a DNS server testbed that they had produced, primarily to test a new authoritative nameserver. As an experiment, it was run with BIND 8.2.5 on both FreeBSD and Linux. The performance of the FreeBSD system under bursty loads was significantly better than Linux (on the same system?) for moderate-to-high loads. The presentation should eventually be available under: http://www.ripe.net/ripe/meetings/archive/ripe-41/presentations.html#dns (but it isn't there yet) I'm not sure if the returned data was analysed in any depth, but Evi Nemeth's talk at the next NANOG could be interesting if the title is anything to go by... Cheers, Rob