On Sat, 2009-06-06 at 23:22 -0700, Bill Landry wrote: > It's only used twice in the script, and it was added because other users > had reported that their DNS queries were being truncated due to DNS UDP > packet size limitations, which "host -T" (TCP mode) overcomes. > > And the problem is not that DNS servers don't support TCP (all do), it's > that some admins block TCP over port 53 on their firewalls, for some > reason, which will cause problems when DNS servers automatically > fall-back to TCP mode when the query response would be larger than a > single UDP packet can support. > > Debian does not support "host -T", doesn't it? If you do:
Yes, Debian host supports -T. > I've only heard one other complaint about this in the past, and I > advised the person to open TCP on port 53 on their firewalls and that > resolved the problem for them. Ask the person reporting the problem to > check both their internal firewall (iptables, shorewall, etc.) and any > external firewall (router ACL, PIX, WatchGuard, etc.) to make sure that > TCP over port 53 is permitted and report back if that resolves the issue > for them, as well. Will do. -- bye, pabs http://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Pkg-clamav-devel mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/pkg-clamav-devel
