Sean,
The first step is effective emergency response. I have seen hours pass as
secret handshakes and people on the "right list" were located and made the
right calls. People start their generators on a planned basis to make sure
they work. How many people practice DDOS attack recovery? It's something you
can actually do today that will help the most in a real attack.
This is a malicious attack designed to cause failure, so I think that any
measures of the style discussed will only save you from the small attacks. Not
that avoiding some attacks isn't good, it's just not much help in the general
case. I think the issue of malice makes it very hard to plan for like storm
water or freeway traffic. I have no proof to say that large sites fare better
than small ones. They can handle more, but attract much more serious attacks
with much more glory for the perpetrators.
Many people are pinning their hopes on traffic flow tagging as the way to
manage/solve this in the long term. No one knows yet when it can be deployed
in a large enough scale to work and what it will take then to handle it.
I'm hoping you realize the spectacular failure mode of your DNS propose. You
DOS the DNS in-addr servers and the whole site goes away. That should take a
lot less traffic than swamping the pipes. DNS has enouh problems digesting all
the things it's trying to do now (DNSSEC, v6, large packets...), no need to
make it worse.
jerry