On Fri, Jun 13, 2008 at 02:14:55PM -0400, Jon Kibler wrote:
Mark Price wrote: <SNIP>
From what I have read, public DNS servers should support both UDP and TCP queries. TCP queries are often used when a UDP query fails, or if the answer is over a certain length.
UDP is used for queries.
TCP is used for zone transfers.
If my server responded to TCP queries from anyone other than a secondary server, I would be VERY concerned.
Red alert:

[cookiemonster:~] owens% dig +tcp aset.com @209.190.93.130 soa

; <<>> DiG 9.4.2 <<>> +tcp aset.com @209.190.93.130 soa
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5864
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;aset.com. IN SOA

;; ANSWER SECTION:
aset.com. 14400 IN SOA ns1.sims.net. hostmaster.aset.com. 2006111001 10800 3600 3600000 86400

;; AUTHORITY SECTION:
aset.com. 14400 IN NS ns3.trustns.net.
aset.com. 14400 IN NS ns1.sims.net.
aset.com. 14400 IN NS ns1.trustns.net.
aset.com. 14400 IN NS ns2.sims.net.
aset.com. 14400 IN NS ns2.trustns.net.

;; ADDITIONAL SECTION:
ns1.sims.net. 86400 IN A 209.190.93.130
ns2.sims.net. 86400 IN A 209.190.93.132

;; Query time: 31 msec
;; SERVER: 209.190.93.130#53(209.190.93.130)
;; WHEN: Fri Jun 13 14:31:13 2008
;; MSG SIZE rcvd: 211

Bill.
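The TCP behaviour discussed in this thread, as an added example that is not part of the original messages: Python that encodes the SOA query from the dig run, detects a truncated (TC) UDP reply that calls for a TCP retry, and splits a TCP stream on the 2-byte length prefix from RFC 1035. The sample replies are constructed (header and question only), with the id and section counts taken from the dig output above; the function names are assumptions.

```python
import struct

QR, AA, TC, RD, RA = 0x8000, 0x0400, 0x0200, 0x0100, 0x0080  # header flag bits (RFC 1035)

def build_query(name, qtype, txid, tcp=False):
    """Encode a one-question query; over TCP it carries a 2-byte length prefix."""
    header = struct.pack("!HHHHHH", txid, RD, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    msg = header + qname + struct.pack("!HH", qtype, 1)  # class IN
    return struct.pack("!H", len(msg)) + msg if tcp else msg

def parse_header(msg):
    """Decode the 12-byte header into the fields dig prints."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "qr": bool(flags & QR), "aa": bool(flags & AA),
            "tc": bool(flags & TC), "rd": bool(flags & RD), "ra": bool(flags & RA),
            "rcode": flags & 0x000F, "counts": (qd, an, ns, ar)}

def needs_tcp_retry(udp_reply, txid):
    """True when a matching UDP reply is truncated and must be re-asked over TCP."""
    h = parse_header(udp_reply)
    return h["qr"] and h["id"] == txid and h["tc"]

def unframe_tcp(stream):
    """Split a TCP byte stream into whole DNS messages plus any unfinished tail."""
    msgs, off = [], 0
    while off + 2 <= len(stream):
        (n,) = struct.unpack_from("!H", stream, off)
        if off + 2 + n > len(stream):
            break  # partial message, wait for more bytes
        msgs.append(stream[off + 2:off + 2 + n])
        off += 2 + n
    return msgs, stream[off:]

# Constructed samples (header + question only, records omitted).
QUESTION = build_query("aset.com", 6, 5864)[12:]  # 6 = SOA
UDP_TRUNCATED = struct.pack("!HHHHHH", 5864, QR | AA | TC | RD, 1, 0, 0, 0) + QUESTION
TCP_REPLY = struct.pack("!HHHHHH", 5864, QR | AA | RD, 1, 1, 5, 2) + QUESTION

if __name__ == "__main__":
    print("retry over TCP:", needs_tcp_retry(UDP_TRUNCATED, 5864))
    framed = struct.pack("!H", len(TCP_REPLY)) + TCP_REPLY
    msgs, rest = unframe_tcp(framed + b"\x00")  # trailing byte = start of next message
    print(parse_header(msgs[0]), "leftover bytes:", len(rest))
```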