Usage of TCP/53
peter at peter-dambier.de
Fri Sep 29 07:50:03 UTC 2006
Barry Margolin wrote:
> In article <efh5ui$2dk2$1 at sf1.isc.org>,
> Peter Dambier <peter at peter-dambier.de> wrote:
>> All queries can be either UDP or TCP.
> Not quite. The standards say that except for zone transfers, the client
> MUST try UDP first, and only switch to TCP if the UDP response is
> truncated. So if all your responses fit in 500 bytes, TCP should never
> be needed for non-transfer queries.
>> Sometimes servers, routers or
>> firewalls are broken and TCP is your only chance.
> Never heard of this case. The usual problem is that TCP/53 is blocked
> at the firewall, not UDP/53. I've never heard of any common client
> implementations automatically trying TCP when UDP times out, so if your
> network only allows TCP then I'd expect 99% of queries to fail
There has been an issue with Windows:
"Mail may not be delivered to certain domains if Server OS is Windows Server 2003"
Some of those boxes are still outside and I guess they are not the only ones.
And with World Nic:
"using TCP53 for DNS"
"Problems with NS*.worldnic.com"
I remember DNS would use TCP on packet radio links (MTU < 256) when outside
routers did not understand ICMP (broken firewalls). The problem was in the routers splitting and
reassembling packets so the resulting packet size was > 512 and sometimes bigger
than the secret MTU of the broken firewalls.
Peter and Karin
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
mail: peter at echnaton.serveftp.com
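
The UDP-first, TCP-on-truncation behaviour discussed in this thread, as an added example that is not part of the original message or of BIND. It models a client that retries over TCP only when the TC bit is set and does not retry on a UDP timeout; the function names, the fake transports and the sample replies are constructed for illustration.

```python
import struct

TC_FLAG = 0x0200  # TC (truncated) bit in the DNS header flags word, RFC 1035

def build_query(name, qtype=1, qid=0x1234):
    """Encode a minimal DNS query: RD set, one question, class IN."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

def is_truncated(msg):
    """True when the response header has the TC bit set."""
    if len(msg) < 12:
        raise ValueError("DNS message shorter than its 12-byte header")
    return bool(struct.unpack("!H", msg[2:4])[0] & TC_FLAG)

def frame_tcp(msg):
    """DNS over TCP prefixes every message with a 2-byte length."""
    return struct.pack("!H", len(msg)) + msg

def unframe_tcp(data):
    """Strip and validate the 2-byte length prefix of a TCP DNS message."""
    if len(data) < 2 or len(data) - 2 < struct.unpack("!H", data[:2])[0]:
        raise ValueError("incomplete TCP DNS message")
    return data[2:2 + struct.unpack("!H", data[:2])[0]]

def resolve(query, send_udp, send_tcp):
    """UDP first; go to TCP only when the UDP reply is truncated."""
    reply = send_udp(query)
    if reply is None:                 # UDP timed out: no automatic TCP retry
        return "timeout", None
    if reply[:2] != query[:2]:        # reply ID must match the query ID
        return "id-mismatch", None
    if not is_truncated(reply):
        return "udp", reply
    return "tcp", unframe_tcp(send_tcp(frame_tcp(query)))

def demo():
    """Run three constructed scenarios against fake transports (no network)."""
    q = build_query("example.com")
    ok = q[:2] + struct.pack("!H", 0x8180) + q[4:]             # constructed reply, TC clear
    tc = q[:2] + struct.pack("!H", 0x8180 | TC_FLAG) + q[4:]   # constructed reply, TC set
    tcp = lambda framed: frame_tcp(ok) if unframe_tcp(framed) == q else b""
    return [resolve(q, lambda _: ok, tcp)[0],
            resolve(q, lambda _: tc, tcp)[0],
            resolve(q, lambda _: None, tcp)[0]]

if __name__ == "__main__":
    print(demo())
```

The third scenario shows why a network that passes only TCP/53 fails for such a client: with no UDP reply there is no TC bit to trigger the TCP retry.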