On Sat, May 18, 2002 at 12:33:31AM +0200, Sneppe Filip wrote:
> [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
>
> >>On Thu, May 16, 2002 at 02:11:33PM -0400, Ramin Alidousti wrote:
> >>
> >> When does a UDP DNS query result in a TCP response? DNS doesn't work that
> >> way. See rfc1035.
> >
> >I believe it does in the case of *large* responses:
> >
> >http://www.acmebw.com/askmrdns/archive.php?category=81&question=189
>
> I believe Ramin wasn't actually expecting an answer to his question :-)
> It should actually be taken as a statement.

Oh :)

> One cannot simply send a UDP packet and expect a tcp packet in return,
> since tcp requires a packet exchange of three packets before any actual
> data goes over it. So what happens in reality is that the client sends a
> udp packet, either gets a response to use tcp or gets no response at all;
> in both cases the client is supposed to revert to tcp for the DNS lookup,
> and this means going through the SYN, SYN+ACK, ACK 3-way handshake first.

Yeah, that makes sense. I've always gathered that there's a TCP response,
but I wasn't quite sure how it worked, especially as the method I had in
mind was quite obviously broken.

> As you can see, a firewall will not have any problems with this type of
> packet exchange.

Excellent :)

Do you know of a good url for a precise explanation of this... or should I
work my way through rfc1035?

--
FunkyJesus System Administration Team
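
Added example, not part of the original thread: the client-side decision the quoted explanation describes, written against the RFC 1035 wire format. The "response to use tcp" is a UDP reply with the TC (truncation) bit set in the header; the retry is a new client-initiated TCP connection in which each message carries a 2-byte length prefix. The function names, the transaction ID and the sample packets are constructed for illustration.

```python
import struct

QR_FLAG = 0x8000  # response bit in the header flags word (RFC 1035 4.1.1)
TC_FLAG = 0x0200  # truncation bit: reply did not fit, ask again over TCP

def build_query(name, qtype=1, txid=0x1234):
    """Build a minimal DNS query: RD set, one question, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def next_step(query, udp_reply):
    """Decide what to do after the UDP attempt (udp_reply is None on timeout)."""
    if udp_reply is None:
        return "retry-tcp"       # no response at all: second case in the thread
    if len(udp_reply) < 12:
        return "drop"            # shorter than a DNS header
    txid, flags = struct.unpack("!HH", udp_reply[:4])
    if txid != struct.unpack("!H", query[:2])[0] or not flags & QR_FLAG:
        return "drop"            # not a response to this query
    if flags & TC_FLAG:
        return "retry-tcp"       # truncated: first case in the thread
    return "use-udp-answer"

def frame_for_tcp(message):
    """RFC 1035 4.2.2: over TCP every message is prefixed with its length."""
    return struct.pack("!H", len(message)) + message

# Constructed sample data: a TXT query and two header-only replies that echo
# the question section. 0x8380 = QR|TC|RD|RA, 0x8180 = QR|RD|RA.
QUERY = build_query("example.com", qtype=16)
TRUNCATED = struct.pack("!HHHHHH", 0x1234, 0x8380, 1, 0, 0, 0) + QUERY[12:]
COMPLETE = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 0, 0, 0) + QUERY[12:]

if __name__ == "__main__":
    for label, reply in (("truncated", TRUNCATED), ("complete", COMPLETE),
                         ("timeout", None)):
        print(label, "->", next_step(QUERY, reply))
    print("TCP frame starts with", frame_for_tcp(QUERY)[:2].hex())
```

The TCP retry starts with the client's own SYN to port 53, so a stateful firewall sees an ordinary outbound connection rather than an unsolicited TCP reply.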
