TCP vs. UDP in query responses?

Barry Margolin barmar at alum.mit.edu
Tue Jun 15 00:57:04 UTC 2004


In article <calgj5$4n5$1 at sf1.isc.org>, Chris De Young <chd at arizona.edu> 
wrote:

> Hi,
> 
> My understanding is that DNS queries and responses by default use UDP,
> but will switch to TCP if the response record set is large (and TCP is
> used for zone transfers).  Am I correct?
> 
> If so, what determines when TCP is used vs. UDP?  I have some
> recollection that TCP will be used if the response record set is larger
> than 512 bytes, but I don't remember where I got that from so I don't
> have any confidence that it's right.  :-)
> 
> Is this threshold fixed, or will it depend on other factors?

That was the original specification.  However, an extension mechanism 
called EDNS0 allows the client to specify the maximum size datagram it 
can accept.  If the client and server support this mechanism, larger 
responses can be sent without switching to TCP.

> I have a remote user (in Norway, I think) having intermittent problems
> resolving a particular name (www.math.arizona.edu, not a large RR
> set), and it *seems* tentatively to be the result of firewall rules
> that permit DNS over UDP but not TCP -- but I can't prove it yet, and
> it doesn't seem intuitive unless there are other factors that I don't
> know about determining the use of TCP vs. UDP.

I don't see any reason why this lookup would ever need to use TCP.  What 
evidence suggests that this firewall rule is the problem?

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***

