tcp/udp, clarification please
bmanning at ISI.EDU
Wed Oct 10 16:34:32 UTC 2001
% basically its my understanding that using BIND with only UDP can be a bit
% more secure, my question is this, are there any types of OS's that require
% the resolving server to use TCP? or are there any other downsides to not
% letting TCP traffic through the firewall.
% Eoin Miller
neither is more secure than the other. UDP works for small packets and
simple queries. Complex RRsets and big packets (zone transfers, dynamic
updates, SIG/CERT RRs, A6 chaining, multiple AAAAs etc.) exceed UDP
packet limits and will "failover" to using TCP.
More information about the bind-users