DNS Connection Question
dsr at tao.merseine.nu
Wed Oct 20 10:25:08 EDT 2004
On Wed, Oct 20, 2004 at 09:48:20AM -0400, trlists at clayst.com wrote:
> On 20 Oct 2004 dsr at tao.merseine.nu wrote:
>
> > Nameservers always try 53 UDP first, because most requests and
> > responses will fit into a single packet.
>
> That implies that sometimes they don't, which makes me wonder if a
> nameserver which only accepts UDP on port 53 is fully functional. Is
> it? Guess I should read some more details on DNS.
If the nameserver has no authoritative records that would exceed
one packet, then yes, it's fully functional. The other use for
TCP 53 is AXFR mass transfer of records, but this is a) optional
and b) should be protected from access by any other than
designated nameservers.
-dsr-
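
The UDP-first, TCP-on-truncation behaviour discussed in the message above, as an added example that is not part of the original post. It assumes the classic 512-byte UDP limit (no EDNS0) and uses a constructed name and constructed TXT records; all function names are hypothetical.

```python
import struct

UDP_LIMIT = 512   # assumed classic DNS-over-UDP message limit (no EDNS0)
TC_BIT = 0x0200   # "truncated" flag in the DNS header flags word

def encode_name(name):
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"

def build_response(qid, name, txt_strings):
    """Full authoritative answer: header, question, one TXT record per string."""
    question = encode_name(name) + struct.pack("!HH", 16, 1)   # QTYPE=TXT, QCLASS=IN
    answers = b""
    for s in txt_strings:
        rdata = bytes([len(s)]) + s.encode()
        # 0xc00c is a compression pointer back to the name in the question
        answers += b"\xc0\x0c" + struct.pack("!HHIH", 16, 1, 300, len(rdata)) + rdata
    header = struct.pack("!HHHHHH", qid, 0x8400, 1, len(txt_strings), 0, 0)  # QR+AA
    return header + question + answers

def over_udp(full):
    """What the server puts in the UDP packet: too-large answers go out empty with TC set."""
    if len(full) <= UDP_LIMIT:
        return full
    qid, flags = struct.unpack("!HH", full[:4])
    i = 12
    while full[i]:                 # walk the question name's labels
        i += full[i] + 1
    question = full[12:i + 1 + 4]  # name terminator plus QTYPE and QCLASS
    return struct.pack("!HHHHHH", qid, flags | TC_BIT, 1, 0, 0, 0) + question

def is_truncated(msg):
    return bool(struct.unpack("!H", msg[2:4])[0] & TC_BIT)

def resolve(full, tcp_allowed=True):
    """Client side: try UDP first, retry over TCP only when TC is set."""
    udp = over_udp(full)
    if not is_truncated(udp):
        return "udp", udp
    if not tcp_allowed:            # server or firewall accepts only UDP 53
        return "failed", udp
    framed = struct.pack("!H", len(full)) + full   # TCP adds a 2-byte length prefix
    (length,) = struct.unpack("!H", framed[:2])
    return "tcp", framed[2:2 + length]

# Constructed sample data: one short record set and one that exceeds a single packet.
SMALL = build_response(0x1234, "example.test", ["v=test"])
LARGE = build_response(0x1235, "example.test", ["x" * 60] * 10)
```

With `tcp_allowed=False` the large record set cannot be retrieved at all, which is the case the question asks about.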