Re: The old chestnut - is TCP necessary?
This is a discussion on Re: The old chestnut - is TCP necessary? within the Bind Users forums, part of the DNS and Related Forums category; The servers in question are acting as caching servers querying the Internet on behalf of client population who are unlikely ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
09-17-2004
|
|||
|
|||
Re: The old chestnut - is TCP necessary?
The servers in question are acting as caching servers querying the
Internet on behalf of client population who are unlikely to be running anything other than an MS stub resolver. The security guys stance is that unless it can be demonstrated that a particular query will cause truncation, then they will only allow UDP query/response from the clients and to the Internet. Marc "Roy S. Rapoport" wrote: > > On Thu, Sep 16, 2004 at 09:20:03PM +0100, Marc Thach Xuan Ky wrote: > > I have a friend 8^) who wants to allow TCP DNS through the firewall. The > > firewall people are not keen to do this. Telling them that "the > > firewall is broken" unfortunately does not sway them. My friend needs > > examples of real Internet domain lookups that truncate and require TCP. > > Does anybody out there know of any? > > Why does it matter what other people have? Does your friend have a need for > TCP DNS? If so, he should be able to demonstrate the need based on his own > requirements, rather than someone else's requirements. > > -roy 
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 11:08 PM.
