Unexpected outgoing DNS traffic & "connection reset"
Merton Campbell Crockett
mcc at CATO.GD-AIS.COM
Sun Oct 30 16:28:28 UTC 2005
On Sun, 30 Oct 2005, Steve Snyder wrote:
> I'm running BIND 9.2.1 (with security patches) on a Linux system. My
> nameserver should only be satisfying requests from the local network, and
> caching resolutions from outside the network. So why do I have outgoing
> TCP traffic to destination port 53?
>
> Here's a snippet of my named.conf:
>
> listen-on { 127.0.0.1; 192.168.0.1; };
> allow-query { 127.0.0.1; 192.168.0/24; };
> allow-transfer { 192.168.0/24; };
>
> On my nameserver machine interface eth0 is 192.168.0.1 on a 192.168.0/24
> network, and interface eth1 faces the internet (IP is obscured below as
> "aaa.bbb.ccc.ddd").
>
> My understanding is that TCP is only used when transferring a zone which
> is too large to fit into a UDP packet. Given that I am (in theory) not
> transferring zones outside my LAN, there should be no need for outgoing
> TCP traffic to port 53, right?
The days of only needing UDP port 53 to perform DNS queries are long over.
There are a number of domains that will require you to use TCP just to get
the list of name servers to query.
Merton Campbell Crockett
--
BEGIN: vcard
VERSION: 3.0
FN: Merton Campbell Crockett
ORG: General Dynamics Advanced Information Systems;
Intelligence and Exploitation Systems
N: Crockett;Merton;Campbell
EMAIL;TYPE=internet: mcc at CATO.GD-AIS.COM
TEL;TYPE=work,voice,msg,pref: +1(805)497-5045
TEL;TYPE=work,fax: +1(805)497-5050
TEL;TYPE=cell,voice,msg: +1(805)377-6762
END: vcard
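The fallback behaviour behind this answer, as an added illustration that is not part of the thread: a resolver sends its query over UDP, and when the reply comes back with the TC (truncated) bit set, it repeats the same query over TCP, where every message is prefixed with a 2-byte length. The outbound TCP/53 flows Steve is seeing are the expected result of that retry when a remote server's NS set or glue does not fit in a UDP response. The functions, the hypothetical transport callables and the constructed response bytes below are this example's own, built with only the standard library; they are not BIND code.

```python
import struct

def build_query(name, qtype=2, txid=0x1234):
    """Build a minimal DNS query (RFC 1035 wire format). qtype 2 = NS, class 1 = IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # flags 0x0100: RD=1
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_flags(msg):
    """Decode the header flag bits a resolver looks at before deciding on a TCP retry."""
    txid, flags = struct.unpack("!HH", msg[:4])
    return {
        "id": txid,
        "qr": (flags >> 15) & 1,   # 1 = response
        "tc": (flags >> 9) & 1,    # 1 = answer was truncated to fit the UDP limit
        "rcode": flags & 0xF,
    }

def needs_tcp_retry(response):
    """True when this is a response and the server flagged it as truncated."""
    f = parse_flags(response)
    return f["qr"] == 1 and f["tc"] == 1

def frame_for_tcp(msg):
    """DNS over TCP prefixes each message with its length in network byte order."""
    return struct.pack("!H", len(msg)) + msg

def unframe_tcp(stream):
    """Strip the 2-byte length prefix from a single TCP-framed DNS message."""
    (length,) = struct.unpack("!H", stream[:2])
    return stream[2:2 + length]

def make_truncated_response(query):
    """Constructed sample: a UDP reply with QR, TC, RD and RA set and no records."""
    (txid,) = struct.unpack("!H", query[:2])
    question = query[12:]
    return struct.pack("!HHHHHH", txid, 0x8380, 1, 0, 0, 0) + question

def make_full_response(query):
    """Constructed sample: the same question answered without truncation (QR, RD, RA)."""
    (txid,) = struct.unpack("!H", query[:2])
    question = query[12:]
    return struct.pack("!HHHHHH", txid, 0x8180, 1, 0, 0, 0) + question

def query_with_fallback(query, udp_send, tcp_send):
    """Resolver-side logic: try UDP first; on a truncated reply, repeat over TCP.
    udp_send and tcp_send are hypothetical transport callables supplied by the caller."""
    udp_reply = udp_send(query)
    if needs_tcp_retry(udp_reply):
        return "tcp", unframe_tcp(tcp_send(frame_for_tcp(query)))
    return "udp", udp_reply

if __name__ == "__main__":
    # Fake transports standing in for sockets, so the example runs offline.
    fake_udp = make_truncated_response
    fake_tcp = lambda framed: frame_for_tcp(make_full_response(unframe_tcp(framed)))
    transport, reply = query_with_fallback(build_query("example.com"), fake_udp, fake_tcp)
    print(transport, parse_flags(reply))
```

For a firewall audit the practical consequence is that a caching resolver legitimately opens outbound connections to TCP/53 on whatever authoritative servers return truncated answers, so a policy that permits only UDP/53 outbound produces exactly the resets and timeouts described in the subject line.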