So this comes from the first hit on a Google search. I only mention that because the information comes from another vendor who shall remain nameless (grin).

Domain Name System (DNS) is a protocol that provides mapping service between domain names and IP addresses. A client sends a DNS query in the form of a domain name, and a DNS server answers with the IP address associated with that domain name. DNS typically uses UDP port 53. A DNS message is normally contained within a single UDP packet.

DNS uses compression to eliminate the repetition of domain names in a message. The compression schema uses a pointer to refer to a prior name string when the string repeats later in a DNS message. A DNS message containing a pointer that points to itself, or pointers that point to each other, results in a pointer loop.

Pointer loops are protocol anomalies that should be detected. This is because some DNS handlers could fail to handle such packets, resulting in denial of service conditions. A packet containing this type of protocol anomaly could also indicate that non-DNS traffic is being transmitted over DNS ports. For example, illegal peer-to-peer downloading, Trojan activity, odd chat programs, etc.

Regards,

Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert

On Apr 4, 2010, at 3:42 PM, Anantha Subramanian Natarajan wrote:

> Hi All,
>
> My understanding on when Cisco ASA does DNS inspection by default it also
> verifies compression pointer loop exists. I sort of understand that, if
> compression pointer loop exists, it would cause infinite lookup of the DNS
> server. My question is, what is meant by compression pointer loop.
>
> Thanks for great help
>
> Regards
> Anantha Subramanian Natarajan
>
> _______________________________________________
> For more information regarding industry leading CCIE Lab training, please
> visit www.ipexpert.com
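
The pointer loop described in the reply above, as an added example that is not part of the original thread: a small Python decoder for compressed DNS names (RFC 1035 encoding, where a length byte with its top two bits set starts a 14-bit pointer) that rejects pointers pointing to themselves or to each other. The function names and the sample messages are constructed for illustration and say nothing about how any particular firewall implements the check.

```python
class PointerLoopError(ValueError):
    """A compression pointer was followed twice while decoding one name."""

def read_name(msg: bytes, offset: int):
    """Decode the name at `offset`; return (name, offset just past it)."""
    labels, seen, end, pos = [], set(), None, offset
    while True:
        if pos >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[pos]
        if length & 0xC0 == 0xC0:                 # compression pointer
            if pos + 1 >= len(msg):
                raise ValueError("truncated pointer")
            if pos in seen:                       # same pointer visited again
                raise PointerLoopError(f"pointer loop at offset {pos}")
            seen.add(pos)
            if end is None:                       # name ends after the first pointer
                end = pos + 2
            pos = ((length & 0x3F) << 8) | msg[pos + 1]
        elif length & 0xC0:
            raise ValueError("reserved label type")
        elif length == 0:                         # root label terminates the name
            return ".".join(labels), end if end is not None else pos + 1
        else:
            label = msg[pos + 1:pos + 1 + length]
            if len(label) != length:
                raise ValueError("truncated label")
            labels.append(label.decode("ascii", "replace"))
            pos += 1 + length

def has_pointer_loop(msg: bytes, offset: int) -> bool:
    """True if decoding the name at `offset` hits a pointer loop."""
    try:
        read_name(msg, offset)
    except PointerLoopError:
        return True
    return False

# Constructed sample messages: 12 zero bytes stand in for the DNS header.
HEADER = bytes(12)
# "example.com" at offset 12, then "www" + pointer back to offset 12 at offset 25.
VALID = HEADER + b"\x07example\x03com\x00" + b"\x03www\xc0\x0c"
# Pointer at offset 12 that points to offset 12 (itself).
SELF_LOOP = HEADER + b"\xc0\x0c"
# Pointer at 12 points to 14, pointer at 14 points back to 12.
MUTUAL_LOOP = HEADER + b"\xc0\x0e\xc0\x0c"

if __name__ == "__main__":
    for label, msg, off in [("valid", VALID, 25), ("self", SELF_LOOP, 12),
                            ("mutual", MUTUAL_LOOP, 12)]:
        print(label, "loop" if has_pointer_loop(msg, off) else read_name(msg, off))
```

A decoder without the `seen` check would never return on the two loop samples, which is the denial of service condition the quoted explanation refers to.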
