Priscilla Oppenheimer wrote:
> 
> At 04:41 PM 11/6/00, Mark Nguyen wrote:
> 
> > >
> > > If this is an authoritative DNS server, you will need TCP for it to do
> > > zone transfers and name queries.  If it is only caching, then UDP alone
> >                      ^^^^^^^^^^^^
> >Just to clear up some confusion, when I said name queries, I meant the
> >name queries from remote sites to your DNS server (this is required if
> >your DNS server is the authority for a particular domain).  I don't mean
> >the name queries from your local network.
> 
> Name queries to an authoritative DNS server are still in UDP. It's zone

Not always.  Name queries from clients can be TCP if the initial
response is too large.  Initially, the UDP query will generate a UDP
reply.  If the response is greater than about 500 bytes, it will be
truncated and a truncate flag will be set.  Then the client (or name
server) is supposed to retry with TCP.  This is the behavior for a BIND
8.x name server... I believe it's the same with BIND 9.0.0.

Therefore, TCP (as well as UDP) is needed for name queries.  The name
queries primarily use UDP, but you'll still use TCP in certain cases. 
You need it open for zone transfers anyway.

Mark
-- 
Senior IT Engineer - Corporation for National Research Initiatives
Senior Engineer - Foretec
SunCSA, SunCNA, CCDP, CCNP, MCSE, CNE
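
Added example, not part of the original post: a network-free Python simulation of the exchange described above, showing the server truncating an oversized UDP reply, the client checking the truncate (TC) flag, and what happens when a filter permits only UDP/53. All function names, the query name and the 192.0.2.x records are constructed for illustration; a real server may also keep some records in a truncated reply, which this sketch does not.

```python
import struct

MAX_UDP = 512   # classic DNS-over-UDP message size limit (RFC 1035)
TC = 0x0200     # "truncated" bit in the 16-bit header flags word

def build_query(qname, txid=0x1234):
    """Minimal query: one question, type A, class IN, recursion desired."""
    labels = b"".join(bytes([len(p)]) + p.encode() for p in qname.split("."))
    return (struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)
            + labels + b"\x00" + struct.pack("!2H", 1, 1))

def build_reply(query, n_answers):
    """Constructed full reply: n A records in 192.0.2.0/24 (documentation range)."""
    txid = struct.unpack("!H", query[:2])[0]
    rrs = b"".join(struct.pack("!3HIH4B", 0xC00C, 1, 1, 300, 4, 192, 0, 2, i + 1)
                   for i in range(n_answers))
    return struct.pack("!6H", txid, 0x8180, 1, n_answers, 0, 0) + query[12:] + rrs

def udp_reply(query, full_reply):
    """Server side: oversized replies go out as header + question with TC set."""
    if len(full_reply) <= MAX_UDP:
        return full_reply
    txid, flags = struct.unpack("!2H", full_reply[:4])
    return struct.pack("!6H", txid, flags | TC, 1, 0, 0, 0) + query[12:]

def needs_tcp_retry(query, reply):
    """Client side: True when the UDP reply matches the query and has TC set."""
    if len(reply) < 12:
        raise ValueError("short DNS message")
    txid, flags = struct.unpack("!2H", reply[:4])
    if txid != struct.unpack("!H", query[:2])[0] or not flags & 0x8000:
        raise ValueError("reply does not match query")
    return bool(flags & TC)

def frame_for_tcp(msg):
    """DNS over TCP prefixes every message with a 2-byte big-endian length."""
    return struct.pack("!H", len(msg)) + msg

def resolve(query, full_reply, tcp53_allowed):
    """Simulated exchange (no network): returns (transport, answer_count)."""
    reply = udp_reply(query, full_reply)
    if not needs_tcp_retry(query, reply):
        return ("udp", struct.unpack("!H", reply[6:8])[0])
    if not tcp53_allowed:
        return ("failed", 0)  # filter passes UDP/53 only: the retry cannot connect
    stream = frame_for_tcp(full_reply)  # what the server would send over TCP
    reply = stream[2:2 + struct.unpack("!H", stream[:2])[0]]
    return ("tcp", struct.unpack("!H", reply[6:8])[0])
```

With 40 constructed A records the full reply is 673 bytes, so the UDP reply shrinks to the 33-byte header and question with TC set, and the lookup completes only when TCP/53 is also allowed.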
