On Fri, 2002-10-18 at 08:41, Dickon Newman wrote:
> Remember that DNS is a UDP port, not a TCP port. I'm not sure about how
> you've set up your firewall, or if it even makes the distinction between the
> two (I would hope that it would!).
>

This myth is the cause of most of the DNS problems I've had to fix in the past. DNS is BOTH tcp and udp; responses that are too large for a single udp packet may be sent by tcp.

A related (but still false) commonly held belief is that udp is used for queries and tcp for zone transfers. This frequently happens, but only because zone transfers are larger than queries; it isn't designed to happen that way.

-- 
Jason Kohles [EMAIL PROTECTED]
Senior Engineer
Red Hat Professional Consulting
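
The UDP-to-TCP fallback described in the message above, as an added example that is not part of the original post: a client checks the TC (truncated) bit in the UDP reply and repeats the query over TCP with the 2-byte length prefix. The function names, the injected `udp_send`/`tcp_send` transports and the sample messages are constructed for illustration.

```python
import struct

TC_FLAG = 0x0200  # TC (truncated) bit in the DNS header flags word

def build_query(name, qtype=1, txid=0x1234):
    """Build a one-question DNS query (class IN, recursion desired)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def is_truncated(message):
    """True if the responder set TC, i.e. the full answer did not fit in UDP."""
    if len(message) < 12:
        raise ValueError("shorter than a DNS header")
    (flags,) = struct.unpack("!H", message[2:4])
    return bool(flags & TC_FLAG)

def tcp_frame(message):
    """DNS over TCP prefixes every message with its length as 2 bytes."""
    return struct.pack("!H", len(message)) + message

def tcp_unframe(stream):
    """Return the first length-prefixed message from a TCP byte stream."""
    (length,) = struct.unpack("!H", stream[:2])
    if len(stream) - 2 < length:
        raise ValueError("incomplete TCP message")
    return stream[2:2 + length]

def resolve(query, udp_send, tcp_send):
    """Ask over UDP first; repeat the same query over TCP when TC is set."""
    reply = udp_send(query)
    if not is_truncated(reply):
        return "udp", reply
    return "tcp", tcp_unframe(tcp_send(tcp_frame(query)))

# Constructed sample data: a truncated UDP reply (flags 0x8380 = QR|TC|RD|RA)
# and a full reply (flags 0x8180) padded with dummy bytes to exceed 512 bytes.
QUERY = build_query("example.com")
TRUNCATED = QUERY[:2] + struct.pack("!H", 0x8380) + QUERY[4:]
FULL = QUERY[:2] + struct.pack("!H", 0x8180) + QUERY[4:] + b"\x00" * 600

def blocked_tcp(_framed):
    """Stands in for a firewall that only permits 53/udp."""
    raise ConnectionRefusedError("53/tcp filtered")

if __name__ == "__main__":
    print(resolve(QUERY, lambda q: TRUNCATED, lambda f: tcp_frame(FULL))[0])
```

With `blocked_tcp` as the TCP transport, `resolve` fails only when the reply is truncated, so small lookups keep working while large ones break.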