The Australian cloud services provider CloudFlare allowed a massive DDoS attack to happen in spite of its mitigation capabilities so that the company could study and learn more about the mechanisms of these attacks. It found that the attack leveraged open DNS resolvers using spoofed source addresses. According to CloudFlare, 66,458 unique open resolvers participated in the attack, and the company commented that Australia has too many open resolvers out there!
It is critical that recursion functionality on DNS servers is turned off in order to stop resolvers from being abused in DDoS attacks. Resolvers should only respond to queries from the network they’re serving.
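
The rule in the last sentence, sketched as an added example (not code from CloudFlare or from any DNS server): recursion is performed only for source addresses inside the served networks, and everyone else gets a 12-byte REFUSED reply that can never be larger than the query that triggered it. The network ranges, function names and sample query are assumptions constructed for illustration.

```python
import ipaddress
import struct

# Assumed networks this resolver serves (documentation/private sample ranges).
SERVED_NETWORKS = [ipaddress.ip_network("192.0.2.0/24"),
                   ipaddress.ip_network("10.0.0.0/8")]

FLAG_QR, FLAG_RD, FLAG_RA = 0x8000, 0x0100, 0x0080
RCODE_REFUSED = 5


def build_query(txid, name, qtype=1):
    """Build a minimal recursive (RD=1) DNS query; constructed sample input."""
    header = struct.pack("!HHHHHH", txid, FLAG_RD, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)


def recursion_allowed(src_ip):
    """True only when the query's source address is inside a served network."""
    addr = ipaddress.ip_address(src_ip)
    return any(addr in net for net in SERVED_NETWORKS)


def handle_query(packet, src_ip):
    """Return ("recurse", None) for served clients, else ("refuse", reply) or ("drop", None)."""
    if len(packet) < 12:
        return ("drop", None)          # too short to hold a DNS header
    txid, flags = struct.unpack("!HH", packet[:4])
    if flags & FLAG_QR:
        return ("drop", None)          # a response, not a query
    if recursion_allowed(src_ip):
        return ("recurse", None)       # hand off to the real resolver logic
    # Outside client: header-only REFUSED reply. Opcode and RD are copied from
    # the query, RA stays clear, and all record counts are zero.
    resp_flags = FLAG_QR | (flags & 0x7900) | RCODE_REFUSED
    return ("refuse", struct.pack("!HHHHHH", txid, resp_flags, 0, 0, 0, 0))
```

Because the source address of a spoofed query belongs to the victim rather than to a served client, the check refuses it before any large answer is generated.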