DNS and TCP

Bill Larson wllarso at swcp.com
Wed Oct 2 15:04:21 UTC 2002


There is a recent/current thread about TCP packets being used for DNS
communication, and this brought up a question for me.

Can anyone provide any examples of "reasonable" DNS queries that would
overflow a UDP packet and require retransmission using TCP?  Specific,
non-contrived, examples would be appreciated.

I fully understand that if too much data is being provided in the DNS
response (>512 bytes) then TCP retransmission will be necessary.  My
problem is that at work (which will remain nameless), someone managing
the network has blocked incoming TCP traffic on port 53.  This means
that, in general, no one can obtain DNS information using TCP.  This
was done under the belief that the only reason for DNS to use TCP is
for zone transfers, and that these must be blocked.

I would like to provide them an example of where their blocking DNS
services using TCP may cause problems.  Specific possibilities that I
can imagine would include:

	Large numbers of glue records (lots of NS records for the zone)

	Large numbers of answers (multiple records, maybe MX records?)

	Large answers (a large TXT record)

Contriving such a situation would be trivial; I have done this using
long TXT records.  But can anyone provide an example that really is
being used out there?

Thanks,

Bill Larson (wllarso at swcp.com)
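The 512-byte boundary the post describes, as an added example that is not part of the original thread: a small Python builder for DNS responses in RFC 1035 wire format, with name compression, used to count how many NS records plus A glue a referral for a zone can carry before it exceeds 512 bytes and the server must set TC so the resolver retries over TCP. The zone name, the ns0..nsN host names and the 192.0.2.x addresses are constructed sample values.

```python
import struct
# Added example, not from the original post: build a DNS response in RFC 1035
# wire format (with name compression) and check whether it exceeds the 512-byte
# UDP limit that makes a server set TC=1 and a resolver retry the query over TCP.
UDP_LIMIT = 512
AN, NS, AR = 0, 1, 2                      # answer / authority / additional sections
TYPE_A, TYPE_NS = 1, 2
class DnsResponse:
    def __init__(self, qname, qtype):
        # header: ID, flags (QR, RD, RA), QDCOUNT=1, AN/NS/ARCOUNT filled in by add_rr
        self.buf = bytearray(struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 0, 0, 0))
        self.counts, self.offsets = [0, 0, 0], {}   # RR counts; name suffix -> offset
        self.write_name(qname)
        self.buf += struct.pack("!HH", qtype, 1)    # QTYPE, QCLASS=IN

    def write_name(self, name):
        labels = [l for l in name.rstrip(".").split(".") if l]
        for i, label in enumerate(labels):
            suffix = ".".join(labels[i:])
            if suffix in self.offsets:    # already in the message: 2-byte pointer, done
                self.buf += struct.pack("!H", 0xC000 | self.offsets[suffix])
                return
            if len(self.buf) < 0x4000:    # pointers can only address the first 16 KiB
                self.offsets[suffix] = len(self.buf)
            self.buf += bytes([len(label)]) + label.encode("ascii")
        self.buf += b"\x00"               # root label terminates the name

    def add_rr(self, section, owner, rtype, rdata, ttl=3600):
        # rdata parts: bytes are copied verbatim, str parts are written as compressed names
        self.write_name(owner)
        self.buf += struct.pack("!HHIH", rtype, 1, ttl, 0)   # RDLENGTH patched below
        start = len(self.buf)
        for part in rdata:
            self.write_name(part) if isinstance(part, str) else self.buf.extend(part)
        struct.pack_into("!H", self.buf, start - 2, len(self.buf) - start)
        self.counts[section] += 1
        struct.pack_into("!H", self.buf, 6 + 2 * section, self.counts[section])

def needs_tcp(msg):
    return len(msg) > UDP_LIMIT

def delegation_response(zone, n):
    # Referral with n NS records for zone and one A glue record per name server
    r = DnsResponse(zone, TYPE_NS)
    hosts = [f"ns{i}.{zone}" for i in range(n)]
    for h in hosts:
        r.add_rr(AN, zone, TYPE_NS, [h])
    for i, h in enumerate(hosts):
        r.add_rr(AR, h, TYPE_A, [bytes([192, 0, 2, i])])   # 192.0.2.0/24: documentation range
    return bytes(r.buf)
```

For this constructed example.com delegation the referral crosses 512 bytes at 15 name servers with glue; the post's other cases can be modelled with add_rr as well, e.g. an MX rdata of [struct.pack("!H", 10), "mail.example.com"] or a TXT rdata of one length-prefixed string.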

