From: Scott Morris (swm@emanon.com)
Date: Wed Dec 06 2006 - 13:47:02 ART
Clients are supposed to use UDP. Often they backfill to TCP if no response
is obtained (MS in particular does this). TCP is supposed to be used for
zone transfers where the reliability of the transfer is actually required!
Many DNS servers have configuration options to prohibit client requests on
TCP. Many firewall admins don't open TCP/53 other than specifically from
external DNS servers where zone transfers are necessary.

But it's really a configuration choice that you happen to make. UDP is the
way things are supposed to work from the client's perspective! :)
HTH,
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE
#153, CISSP, et al.
CCSI/JNCI-M/JNCI-J
IPExpert VP - Curriculum Development
IPExpert Sr. Technical Instructor
smorris@ipexpert.com
http://www.ipexpert.com
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Abu
Hamzah
Sent: Wednesday, December 06, 2006 9:54 AM
To: ccielab@groupstudy.com
Subject: DNS Port Usage
Hi all,

Can someone please clarify how UDP and TCP DNS port 53 are used?

I know that when we try to connect to a website we use UDP DNS port 53.
Also, when a name server is doing zone transfers it uses TCP port 53 for DNS
zone transfer. How about, if we connect to a name server1 for resolving say
www.abc.com and this server1 can't resolve the name, then does server1 use
TCP port 53 for DNS to get this from server2?

Any good URL for this background info would be appreciated.

Thanks,
Abu Hamzah
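The behaviour Scott describes above (query over UDP first, switch to TCP only when the reply comes back truncated, and use TCP outright for a zone transfer) can be shown in code. The following is an added example written for this archive page, not code from either poster or from any DNS implementation. It builds real RFC 1035 query messages, shows that TCP carries the same message with a 2-byte length prefix, and drives the fallback rule with constructed fake transports so it runs offline; the fake server functions and the hostnames are assumptions for illustration.

```python
"""
Added example: DNS over UDP vs TCP from the client's point of view.
Not from the original mailing-list thread. Message layout follows RFC 1035;
the fake_udp_server / fake_tcp_server transports are constructed stand-ins.
"""
import struct

QTYPE = {"A": 1, "AXFR": 252}   # AXFR = full zone transfer, TCP only


def encode_name(name: str) -> bytes:
    """Encode a domain name as DNS labels (length byte + label), terminated by 0x00."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"bad label: {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name: str, qtype: str, txid: int = 0x1234, rd: bool = True) -> bytes:
    """Standard query: 12-byte header followed by one question, class IN."""
    flags = 0x0100 if rd else 0x0000            # RD bit asks for recursion
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    question = encode_name(name) + struct.pack("!HH", QTYPE[qtype], 1)
    return header + question


def frame_for_tcp(msg: bytes) -> bytes:
    """Over TCP the identical message is prefixed by a 2-byte big-endian length."""
    return struct.pack("!H", len(msg)) + msg


def unframe_from_tcp(stream: bytes) -> bytes:
    """Strip the TCP length prefix, refusing a frame shorter than it claims to be."""
    length = struct.unpack("!H", stream[:2])[0]
    body = stream[2:2 + length]
    if len(body) != length:
        raise ValueError("truncated TCP DNS frame")
    return body


def is_truncated(response: bytes) -> bool:
    """TC bit (0x0200) in the flags word means the UDP reply did not fit."""
    flags = struct.unpack("!H", response[2:4])[0]
    return bool(flags & 0x0200)


def resolve(name: str, qtype: str, send_udp, send_tcp):
    """Client rule: UDP first, TCP only if the answer is truncated; AXFR goes
    straight to TCP. send_udp/send_tcp are injected transports.
    Returns (transport_used, raw_response)."""
    query = build_query(name, qtype)
    if qtype == "AXFR":
        return "tcp", unframe_from_tcp(send_tcp(frame_for_tcp(query)))
    resp = send_udp(query)
    if is_truncated(resp):
        return "tcp", unframe_from_tcp(send_tcp(frame_for_tcp(query)))
    return "udp", resp


# --- constructed fake transports (assumption: stand-ins for real sockets) ---
def fake_udp_server(truncate: bool):
    """Echo the question back as a response; optionally set TC to force fallback."""
    def send(query: bytes) -> bytes:
        txid = struct.unpack("!H", query[:2])[0]
        flags = 0x8180 | (0x0200 if truncate else 0)   # QR, RD, RA (+TC)
        return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0) + query[12:]
    return send


def fake_tcp_server(framed_query: bytes) -> bytes:
    """Accept a length-prefixed query, return a length-prefixed, non-truncated reply."""
    query = unframe_from_tcp(framed_query)
    txid = struct.unpack("!H", query[:2])[0]
    reply = struct.pack("!HHHHHH", txid, 0x8180, 1, 0, 0, 0) + query[12:]
    return frame_for_tcp(reply)


if __name__ == "__main__":
    print(resolve("www.abc.com", "A", fake_udp_server(False), fake_tcp_server)[0])   # udp
    print(resolve("www.abc.com", "A", fake_udp_server(True), fake_tcp_server)[0])    # tcp
    print(resolve("abc.com", "AXFR", fake_udp_server(False), fake_tcp_server)[0])    # tcp
```

The firewall point in the reply follows directly from this: a resolver that only ever receives short, non-truncated replies never opens TCP/53, so a rule set that permits TCP/53 only from the specific hosts allowed to pull zones (AXFR) does not break ordinary lookups, while a client whose answers exceed the UDP size will hit the TC path and needs TCP/53 open to its server.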
This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:37 ART