[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TCP vs UDP for dns RE: Really odd problem

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: TCP vs UDP for dns RE: Really odd problem
From: Jason Dixon <jason_(_at_)_dixongroup_(_dot_)_net>
Date: Wed, 29 Sep 2004 11:54:19 -0400

On Sep 29, 2004, at 11:39 AM, Philip Guenther wrote:

Jason Dixon <jason_(_at_)_dixongroup_(_dot_)_net> writes:
...

Not to say you're full of it, but... well maybe.  I explicitly block
all tcp/udp outbound from my LAN, allowing only "good" ports (udp/53
being one of them, tcp/53 not).  I have no problems running nslookup
queries on Windows or Linux.


By default, if a DNS resolver receives a truncated answer to a query
sent via UDP, it will retry the query using TCP.  If you never make
queries that get truncated answers and never use AXFR or IXFR, then
you won't see any errors from blocking tcp/53.  'Course, it's a bit
difficult to guarantee that you'll never get a truncated answer...

Yes, that assumes no axfr. Sorry, I completely forgot about truncated. That's what I get for having a reliable DNS pool and not having to query it for large zones. ;-)


--
Jason Dixon, RHCE
DixonGroup Consulting
http://www.dixongroup.net

References:
- Re: TCP vs UDP for dns RE: Really odd problem
  - From: Jason Dixon

Prev by Date: Re: OpenBSD 3.6
Next by Date: Re: spamd replies
Previous by thread: Re: TCP vs UDP for dns RE: Really odd problem
Next by thread: Re: TCP vs UDP for dns RE: Really odd problem
Index(es):
- Date
- Thread

Visit your host, monkey.org