tcp versus udp
Peter Dambier
peter at peter-dambier.de
Tue May 5 09:31:48 UTC 2009
Hello Martin,
since a major outage at my provider, dtag.de or Deutsche Telecom AG, I have trouble
with f.root-servers.net. Sometimes "dig ... +vc" does help me to see f.root-servers.net.
The real problem is anycast. With udp it behaves different than with tcp.
When querying servers that are difficult to reach, sometimes you are more lucky with
tcp than with udp.
Amplification attacks using nameservers don't work with tcp.
Sometimes bugs in resolvers sometimes in clients cause failover to tcp.
With DNSSEC tcp is almost a must. Same with IPv6.
Kind regards
Peter
Martin McCormick wrote:
> When are tcp dns queries necessary?
>
> It was my understanding that clients could user tcp or
> udp.
>
> Martin McCormick WB5AGZ Stillwater, OK
> Systems Engineer
> OSU Information Technology Department Telecommunications Services Group
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Rimbacher Strasse 16
D-69509 Moerlenbach-Bonsweiher
+49(6209)795-816 (Telekom)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
http://www.peter-dambier.de/
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/
ULA= fd80:4ce1:c66a::/48
More information about the bind-users
mailing list