On Fri, Jun 13, 2008 at 02:14:55PM -0400, Jon Kibler wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark Price wrote:
SNIP
From what I have read, public DNS servers should support both UDP and
TCP queries. TCP queries are often used when a UDP query fails, or if
the answer is over a certain length.
UDP is used for queries.
TCP is used for zone transfers.
If my server responded to TCP queries from anyone other than a secondary
server, I would be VERY concerned.
Red alert:
[cookiemonster:~] owens% dig +tcp aset.com @209.190.93.130 soa
; DiG 9.4.2 +tcp aset.com @209.190.93.130 soa
;; global options: printcmd
;; Got answer:
;; -HEADER- opcode: QUERY, status: NOERROR, id: 5864
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 2
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;aset.com. IN SOA
;; ANSWER SECTION:
aset.com. 14400 IN SOA ns1.sims.net.
hostmaster.aset.com. 2006111001 10800 3600 360 86400
;; AUTHORITY SECTION:
aset.com. 14400 IN NS ns3.trustns.net.
aset.com. 14400 IN NS ns1.sims.net.
aset.com. 14400 IN NS ns1.trustns.net.
aset.com. 14400 IN NS ns2.sims.net.
aset.com. 14400 IN NS ns2.trustns.net.
;; ADDITIONAL SECTION:
ns1.sims.net. 86400 IN A 209.190.93.130
ns2.sims.net. 86400 IN A 209.190.93.132
;; Query time: 31 msec
;; SERVER: 209.190.93.130#53(209.190.93.130)
;; WHEN: Fri Jun 13 14:31:13 2008
;; MSG SIZE rcvd: 211
Bill.