Re: DNS Problem

Priscilla Oppenheimer Tue, 07 Nov 2000 13:26:45 -0800
Thanks for the info. I was just getting sick of all the misinformation so I 
over-simplified a bit and optimized for the most usual case. I was glad to 
get your response, though, since you obviously have the Authoritative 
Answer bit set! &;-)

So, why would a DNS query generate a response that would be larger than 500 
bytes, though?? I am aware of the Truncation bit in the DNS header, but 
have never seen it set. Just trying to learn. Thanks.

Priscilla

At 10:38 AM 11/7/00, you wrote:
>Priscilla Oppenheimer wrote:
> >
> > At 04:41 PM 11/6/00, Mark Nguyen wrote:
> >
> > > >
> > > > If this is an authoritative DNS server, you will need TCP for it to do
> > > > zone transfers and name queries.  If it is only caching, then UDP alone
> > >                      ^^^^^^^^^^^^
> > >Just to clear up some confusion, when I said name queries, I meant the
> > >name queries from remote sites to your DNS server (this is required if
> > >your DNS server is the authority for a particular domain).  I don't mean
> > >the name queries from your local network.
> >
> > Name queries to an authoritative DNS server are still in UDP. It's zone
>
>Not always.  Name queries from clients can be TCP if the initial
>response is too large.  Initially, the UDP query will generate a UDP
>reply.  If the response is greater than about 500 bytes, it will be
>truncated and a truncate flag will be set.  Then the client (or name
>server) is suppose to retry with TCP.  This is the behavior for a BIND
>8.x name server... I believe it's the same with BIND 9.0.0.
>
>Therefore, TCP (as well as UDP) is needed for name queries.  The name
>queries primarily use UDP, but you'll still use TCP in certain cases.
>You need it open for zone transfers anyway.
>
>Mark
>--
>Senior IT Engineer - Corporation for National Research Initiatives
>Senior Engineer - Foretec
>SunCSA, SunCNA, CCDP, CCNP, MCSE, CNE
>
>_________________________________
>FAQ, list archives, and subscription info: 
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]


________________________

Priscilla Oppenheimer
http://www.priscilla.com

_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DNS Problem

Reply via email to
