Guy Baconniere wrote: > When the query reaches the DNS of the ISP it will reply with a DNS TCP > reply if minimal-responses is no (default on Bind9) or with a small > UDP DSN reply if minimal-responses is yes.
I can't quite see how that would be correct. When a resolver issues a query with UDP, it will expect a reply (minimal or not) via UDP. Only if it does not get a useful answer via UDP will it change and try a TCP query. > I recommend that all ISP use minimal-responses yes or equivalent on > their DNS server. This will save bandwidth and avoid DNS TCP reply to > be blocked in a Firewall in the path. When the client has issued a TCP query, any half-way decent firewall will know not to block the reply. /Per -- Per Jessen, Herrliberg (19.8°C) _______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog