udp vs tcp query

Kevin Oberman kob6558 at gmail.com
Sun Oct 23 16:14:40 UTC 2011


On Sun, Oct 23, 2011 at 6:43 AM, Benny Pedersen <me at junc.org> wrote:
> On Sun, 23 Oct 2011 13:56:21 +1000, Noel Butler wrote:
>>
>> I think you have something broken. BIND uses UDP by default; if
>> it cannot connect to a DNS server on UDP, it then retries on TCP.
>>
>> It also uses TCP for AXFRs.
>
> correct, it's not my problem how AXFR works. As I have slept on it now, I got
> the idea it might be an EDNS0-related problem? That would explain why I see
> some DNSBL domains working and others not working.
>
> How do I test this?
>
> IMHO EDNS0 will always use TCP, not UDP, correct?

Not at all. edns0 allows for a number of added capabilities, but makes
no difference as to whether TCP or UDP is tried first. It also has the
same "rules" on when to switch to TCP.

The biggest single difference edns0 makes is to allow larger UDP
packets. Without edns0, UDP packet size is limited to 512 bytes. With
edns0, packets may typically run up to 4K bytes.

If you are seeing issues with edns0, look for firewall issues. Make
sure that it is not limiting DNS UDP to 512 and that it is allowing
fragments. These are two of the most common causes of problems with edns0
enabled operations in DNS.
-- 
R. Kevin Oberman, Network Engineer
E-mail: kob6558 at gmail.com
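To make the UDP/TCP and EDNS0 mechanics in this thread concrete, here is a small added Python example (not from the thread, and not BIND's code): it builds a query with and without an EDNS0 OPT record, reads the advertised UDP payload size back out of a packet (the OPT record's CLASS field, or the classic 512 when there is no OPT), and checks the TC bit that actually drives the switch to TCP. The name, transaction id and sample bytes are constructed for illustration.

```python
import struct

OPT_TYPE = 41          # EDNS0 OPT pseudo-RR type (RFC 6891)
CLASSIC_UDP_MAX = 512  # UDP payload limit without EDNS0 (RFC 1035)
TC_FLAG = 0x0200       # "truncated" bit in the DNS header flags

def encode_name(name):
    """Wire-format a domain name as length-prefixed labels ending in a zero byte."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(name, qtype=1, edns_udp_size=4096, txid=0x1234):
    """Standard query with RD set. With edns_udp_size, an OPT record in the additional
    section advertises that UDP payload size; None builds a plain pre-EDNS0 query."""
    arcount = 0 if edns_udp_size is None else 1
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, arcount)
    question = encode_name(name) + struct.pack("!HH", qtype, 1)
    if edns_udp_size is None:
        return header + question
    # OPT RR: root name, TYPE=41, CLASS carries the UDP size, TTL carries ext-rcode/version/flags
    opt = b"\x00" + struct.pack("!HHIH", OPT_TYPE, edns_udp_size, 0, 0)
    return header + question + opt

def skip_name(pkt, off):
    """Advance past a wire-format name, including a compression pointer (RFC 1035 4.1.4)."""
    while True:
        length = pkt[off]
        if (length & 0xC0) == 0xC0:   # pointer: two bytes, and it ends the name
            return off + 2
        off += 1 + length
        if length == 0:
            return off

def advertised_udp_size(pkt):
    """UDP payload size the sender advertises: the OPT record's CLASS field, else 512."""
    _, _, qd, an, ns, ar = struct.unpack("!HHHHHH", pkt[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(pkt, off) + 4          # skip QTYPE and QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(pkt, off)
        rtype, rclass, _, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
        if rtype == OPT_TYPE:
            return rclass
        off += 10 + rdlen
    return CLASSIC_UDP_MAX

def must_retry_over_tcp(response):
    """TCP fallback is triggered only by the TC bit: the answer exceeded the advertised size."""
    return bool(struct.unpack("!H", response[2:4])[0] & TC_FLAG)
```

Note that a firewall which drops UDP DNS above 512 bytes or drops fragments never lets the server's reply arrive at all, so the resolver sees a timeout instead of a TC-flagged answer and a clean TCP retry, which is why such setups look like "some domains work and others don't".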
