DNS Ports

Dave Harman dharman1060 at earthlink.net
Thu Jul 24 00:51:07 UTC 2003


You know, I think you're more interested in being "right"
than in being helpful.

The statement "DNS uses UDP to send and get data"
is true. Now, if I had written "DNS uses *only*
UDP to send and get data", that would be false.

As to whether you think I have anything to "un-learn", this is
arrogance masquerading as knowledge.

I did not include TCP in my inquiry because I know that
the TCP port for DNS is 53. I wanted to know if the resolver uses
unprivileged ports to send queries and receive responses.
I also asked if the resolver caches the reply or the DNS server.

Fortunately, someone else who was more interested in answering my 
questions than in picking apart my rhetoric gave me an informative reply.

I really have no interest in your web page. I have a firewall to
get operating.

Dave Harman

-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On Behalf Of Jonathan de Boyne Pollard
Sent: Wednesday, July 23, 2003 4:24 AM
To: comp-protocols-dns-bind at isc.org
Subject: Re: DNS Ports


DH> Thank you for your reply, but a simple statement
DH> that I have to "un-learn" this is not much information.

That's why I said to see the web page for details.  It
describes, for each case, either the decision criterion 
for having a DNS/TCP hole in one's firewall or the reason
that a DNS/TCP hole is always necessary.

DH> As to "see the web page for details" - what web page ?

The web page whose URL I gave you in line 3 of that very 
message (and that you've even just included again in 
your reply).

DH> As to being wrong, both "Linux Firewalls 2nd edition" 
DH> and O'Reilly's "DNS and BIND" discuss this and both 
DH> agree queries and responses are sent and received by 
DH> UDP and TCP is used only if UDP size is exceeded.

Which is _not_ the same as:

	DH> DNS uses UDP to send and get data.


