tcp/udp, clarification please

Bill Manning bmanning at ISI.EDU
Wed Oct 10 16:34:32 UTC 2001

% basically its my understanding that using BIND with only UDP can be a bit
% more secure, my question is this, are there any types of OS's that require
% the resolving server to use TCP? or are there any other downsides to not
% letting TCP traffic through the firewall.
%     Reguards,
%     Eoin Miller

neither is more secure than the other.  UDP works for small packets and
simple queries.  Complex RRsets and big packets (zone transfers, dynamic
updates, SIG/CERT RRs, A6 chaining, multiple AAAAs etc.) exceed UDP
packet limits and will "failover" to using TCP.


More information about the bind-users mailing list