Re: Has PSI been assigned network 1?
For DNS to be usable, folks have to permit TCP DNS to work. I know of some service providers that filter TCP DNS connections. UDP packets are not big enough for many responses from an whois-type request. -- Stan | Academ Consulting Services |internet: sob@academ.com Olan | For more info on academ, see this |uucp: bcm!academ!sob Barber | URL- http://www.academ.com/academ |Opinions expressed are only mine.
For DNS to be usable, folks have to permit TCP DNS to work. I know of some service providers that filter TCP DNS connections. UDP packets are not big enough for many responses from an whois-type request.
Good point. As an addendum, those wishing to prevent zone transfers can use BIND's xfernets control to achieve this, and thus allow large responses while inhibiting undesired zone transfers. randy
Randy Bush
For DNS to be usable, folks have to permit TCP DNS to work. I know of some service providers that filter TCP DNS connections. UDP packets are not big enough for many responses from an whois-type request.
Good point. As an addendum, those wishing to prevent zone transfers can use BIND's xfernets control to achieve this, and thus allow large responses while inhibiting undesired zone transfers.
randy
For DNS to be usable, folks have to permit TCP DNS to work. I know of some service providers that filter TCP DNS connections. UDP packets are not big enough for many responses from an whois-type request.
TCP fallback is part of the DNS protocol. Any provider who blocks it is already losing. We don't need to pay attention to them in the design, they will fix their nets or they will lose more than they already are. Not our problem.
participants (4)
-
Brett Watson -
Paul A Vixie -
randy@psg.com -
sob@academ.com