TCP vs. UDP in query responses?

Hyo-Jeong Shin shinhj at hana.ne.kr
Tue Jun 15 00:57:32 UTC 2004


Q: DNS quereis use UDP by default.
A: No. MS Exchange Server and Bagle Worm use TCP by default.

Usually, DNS queries UDP datagram.
If answer of UDS query is larger than 512 bytes, server answers with
TC(message truncated)=1 of DNS header.
That incurs following TCP query.

You can generate TCP query by option "set=vc" in "nslookup".
When I query www.math.arizona.edu, the answer was ok.

Chris De Young wrote:

>Hi,
>
>My understanding is that DNS queries and responses by default use UDP,
>but will switch to TCP if the response record set is large (and TCP is
>used for zone transfers).  Am I correct?
>
>If so, what determines when TCP is used vs. UDP?  I have some
>recollection that TCP will be used if the response record set is larger
>than 512 bytes, but I don't remember where I got that from so I don't
>have any confidence that it's right.  :-)
>
>Is this threshold fixed, or will it depend on other factors?
>
>I have a remote user (in Norway, I think) having intermittent problems
>resolving a particular name (www.math.arizona.edu, not a large RR
>set), and it *seems* tentatively to be the result of firewall rules
>that permit DNS over UDP but not TCP -- but I can't prove it yet, and
>it doesn't seem intuitive unless there are other factors that I don't
>know about determining the use of TCP vs. UDP.
>
>Thanks,
>-Chris
>  
>


-- 
Hyo-jeong Shin
Internet Networking Team
KT Corporation, Technology Lab.
463-1 Jeonmin-dong, Yuseong-gu, Daejeon 305-811, KOREA
Office:042-870-8194(or 0502-393-2228) Fax:042-870-8339




More information about the bind-users mailing list