Tony,
Like I said in the email... and I quote:
"There are some known problems when only allowing DNS UDP queries
to go out your firewall. Although DNS TCP is only for zone transfers
it is sometimes recommended to allow DNS TCP to go out to your
ISP DNS servers"
I mean by this that DNS TCP isn't only used for zone transfers, although
the DNS & BIND book is telling another story. I know for sure that TCP is
also used for DNS queries.
Greets
Brenno
> -----Original Message-----
> From: Tony Rall [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, 1 May 2001 20:56
> To: Hiemstra, Brenno
> Cc: [EMAIL PROTECTED]
> Subject: RE: Secure DNS setup
>
>
> >Although DNS TCP is only for zone transfers
>
> Wrong. TCP is also used for (some) normal queries. Discussed many times
> on this list. Read the archives and read the RFC for dns.
>
> Tony Rall
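
An added example, not part of the original messages: the common case where an ordinary query moves to TCP is a UDP reply with the truncation (TC) bit set (RFC 1035), after which the resolver repeats the query over TCP with a two-byte length prefix. The function names, the `udp_send`/`tcp_send` transport callables and the sample messages are constructed for illustration; `demo(False)` models a firewall that drops outbound TCP/53.

```python
import struct

TC_FLAG = 0x0200  # truncation bit in the DNS header flags word (RFC 1035, 4.1.1)

def build_query(qname, qtype=1, txid=0x1234):
    """Encode a minimal DNS query: RD set, one question, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def is_truncated(message):
    """True when the TC bit is set in a DNS message header."""
    if len(message) < 12:
        raise ValueError("DNS message shorter than the 12-byte header")
    return bool(struct.unpack("!H", message[2:4])[0] & TC_FLAG)

def frame_for_tcp(message):
    """DNS over TCP prefixes each message with a two-byte length (RFC 1035, 4.2.2)."""
    return struct.pack("!H", len(message)) + message

def unframe_tcp(stream):
    """Extract the first length-prefixed DNS message from a TCP byte stream."""
    if len(stream) < 2:
        raise ValueError("missing length prefix")
    (length,) = struct.unpack("!H", stream[:2])
    if len(stream) < 2 + length:
        raise ValueError("incomplete message")
    return stream[2:2 + length]

def resolve(query, udp_send, tcp_send):
    """Try UDP first; if the reply is truncated, repeat the same query over TCP.
    udp_send/tcp_send are hypothetical transports; tcp_send returns None when blocked."""
    reply = udp_send(query)
    if not is_truncated(reply):
        return "udp", reply
    stream = tcp_send(frame_for_tcp(query))
    if stream is None:
        return "failed", None  # outbound TCP/53 filtered: the full answer never arrives
    return "tcp", unframe_tcp(stream)

def demo(tcp_allowed):
    """Constructed scenario: the UDP reply is truncated; TCP/53 may be filtered."""
    q = build_query("example.com", qtype=16)
    truncated = q[:2] + struct.pack("!H", 0x8380) + q[4:]  # QR+TC+RD+RA (constructed)
    full = q[:2] + struct.pack("!H", 0x8180) + q[4:]  # QR+RD+RA, answers omitted (constructed)
    tcp = (lambda framed: frame_for_tcp(full)) if tcp_allowed else (lambda framed: None)
    return resolve(q, lambda _: truncated, tcp)
```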