[lug] Quote of the Day
rm at mamma.varadinet.de
rm at mamma.varadinet.de
Thu Feb 8 05:20:22 MST 2001
On Wed, Feb 07, 2001 at 03:26:28AM -0700, Nate Duehr wrote:
> TCP should only be inbound to a DNS server unless it's servicing slave
> servers. Then you need TCP open both ways.
>
> Queries can be either high ports (1024 =>) or port 53 and should always
> be UDP unless TSIG or DNSSEC is being used (rare).
>
> If you use the "dig" or "nslookup" tools and do authoritative zone
> transfers larger than 512 bytes, the answer will come back TCP instead
> of UDP inbound to your resolver also.
Ok, that's how i understood it.
Ralf
More information about the LUG
mailing list