impact on DNS servers. This is
>
>especially important with DNSSEC, where answers are much larger.
>
>
>
>
>
>
>
>
>
> From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of
> Roberto Carna
> Sent: Monday, February 4, 2019 4:46 PM
> T
. This is
especially important with DNSSEC, where answers are much larger.
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Roberto
Carna
Sent: Monday, February 4, 2019 4:46 PM
To: ML BIND Users
Subject: DNS Flag Day: I had to open the TCP/53 port
Dear, I
Ben, thanks a lot !!!
Regards
On Mon, Feb 4, 2019 at 11:04 AM Ben Croswell wrote:
> When a DNS response is too large to fit in a single UDP packet, 512 bytes
> up to 4k with edns, the DNS server will respond with as much as it can fit
> in the UDP packet. It will also set the truncate, TC, bit
When a DNS response is too large to fit in a single UDP packet, 512 bytes
up to 4k with edns, the DNS server will respond with as much as it can fit
in the UDP packet. It will also set the truncate, TC, bit to let the client
doing the query that the answer is truncated and the client should query
Just about anything (if it is large enough).
r
On 2019-02-04 08:56 AM, Roberto Carna wrote:
Thanks Ben for your response, can you tell me the types of TCP traffic I have
to expect in BIND, excepting Zone Tansfer?
Thans a lot again!!!
El lun., 4 feb. 2019 a las 10:50, Ben Croswell
Thanks Ben for your response, can you tell me the types of TCP traffic I
have to expect in BIND, excepting Zone Tansfer?
Thans a lot again!!!
El lun., 4 feb. 2019 a las 10:50, Ben Croswell ()
escribió:
> BIND has always required UDP and TCP 53 for proper functionality. It
> sometimes mistakenly
BIND has always required UDP and TCP 53 for proper functionality. It
sometimes mistakenly believed that TCP is only for zone transfers but that
is not the case.
On Mon, Feb 4, 2019, 8:46 AM Roberto Carna Dear, I have a BIND 9.10 public server and I have delegated some public
> domains.
>
> When
Dear, I have a BIND 9.10 public server and I have delegated some public
domains.
When I test these domains with the EDNS tool offered in the DNS Flag Day
webpage, the test was wrong wit just UDP/53 port opened to Internet.
After that, when I opened also TCP/53 port, the test was succesful.
8 matches
Mail list logo