On Fri, 9 Jun 2000, Brian J. Murrell wrote:
> I understand the theory of DNS regarding the use of UDP and TCP but am
> wondering about the real-world use of TCP DNS. Are there any sites that
> use TCP exclusively for legitimate requests (i.e. NOT axfr)?

I'm not aware of any exclusive TCP implementations, but if you read the
RFCs, large answer sets are always sent via TCP.

> I am contemplating disallowing TCP DNS at my firewall and am wondering
> about what "real world" collateral damage would be caused (examples of
> specific sites and software that would break please -- I have enough
> theory right now).

AOL used to hand out large answer sets (for MX's I think), not sure who
else specifically. Why not log for a while at your border and see?

Paul
-----------------------------------------------------------------------------
Paul D. Robertson [EMAIL PROTECTED]
"My statements in this message are personal opinions which may have no
basis whatsoever in fact."
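One way to do the border logging suggested above, as an added example that is not part of the original message: a resolver that receives a UDP reply with the TC (truncation) bit set retries the query over TCP, so counting truncated replies per queried name shows which lookups would break with TCP port 53 blocked. The function names and the sample packets are constructed for illustration, and the code assumes the UDP payloads arriving from port 53 have already been captured.

```python
import struct
from collections import Counter

QR_FLAG = 0x8000  # set on responses
TC_FLAG = 0x0200  # truncation bit: answer did not fit in the UDP reply

def build_packet(txid, qname, flags, qtype=15):
    """Construct a minimal DNS message (header + one question) for the demo."""
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    name = b"".join(bytes([len(p)]) + p.encode("ascii") for p in qname.split("."))
    return header + name + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_question(payload):
    """Return (qname, qtype, truncated) for a DNS response, else None."""
    if len(payload) < 12:
        return None
    _txid, flags, qdcount = struct.unpack("!HHH", payload[:6])
    if not flags & QR_FLAG or qdcount < 1:
        return None  # a query, or a response with no question section
    pos, labels = 12, []
    while True:
        if pos >= len(payload):
            return None  # name runs past the end of the packet
        length = payload[pos]
        pos += 1
        if length == 0:
            break
        if length > 63 or pos + length > len(payload):
            return None  # compression pointer or bad length in first name
        labels.append(payload[pos:pos + length].decode("ascii", "replace"))
        pos += length
    if pos + 4 > len(payload):
        return None
    qtype, _qclass = struct.unpack("!HH", payload[pos:pos + 4])
    return ".".join(labels).lower(), qtype, bool(flags & TC_FLAG)

def names_needing_tcp(payloads):
    """Count truncated responses per queried name."""
    parsed = (parse_question(p) for p in payloads)
    return dict(Counter(q[0] for q in parsed if q and q[2]))

# Constructed sample: UDP payloads as seen arriving from port 53.
SAMPLE = [
    build_packet(1, "bigmx.example.com", 0x8380),  # response, TC set
    build_packet(2, "www.example.net", 0x8180, qtype=1),  # response, fits in UDP
    build_packet(3, "bigmx.example.com", 0x8380),  # response, TC set
    build_packet(4, "bigmx.example.com", 0x0100),  # outbound query, ignored
    b"\x00\x05\x83",  # malformed fragment, ignored
]
```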