TCP vs. UDP in query responses?

Chris De Young chd at arizona.edu
Tue Jun 15 01:39:16 UTC 2004


> I don't see any reason why this lookup would ever need to use TCP.  

I didn't either, but...

> What evidence suggests that this firewall rule is the problem?

The firewall logged TCP traffic on port 53 as well, and changing the
rule set from "allow UDP 53" to "allow UDP and TCP 53" appears to have
solved the problem.  So, although I don't understand *why* the remote
resolver is doing this, it does appear to be using UDP sometimes and
TCP other times.  The firewall rule can stay that way; I'm now just
trying to understand the behavior.

Richard Maynard said that some libraries will try UDP and then TCP; my
only guess at this point is that this is one of them, and that some
minor packet loss between the resolver and here is causing the UDP
query to occasionally be lost, so we might be seeing TCP retries.

I can't prove it, but I can't think of anything better.

Thanks to all!

Cheers,
-Chris
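
Added example, not part of the original message and not BIND code: one standard case in which a resolver uses both transports is the RFC 1035 truncation rule, where a UDP reply with the TC bit set is retried over TCP with a two-byte length prefix. The sketch shows how an "allow UDP 53" only rule affects that retry; the function names and sample packets are constructed for illustration.

```python
import struct

TC_FLAG = 0x0200  # truncation bit in the DNS header flags word (RFC 1035)

def build_query(qname, qtype=1, txid=0x1234):
    """Build a minimal DNS query: RD set, one question, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def make_reply(query, truncated):
    """Constructed sample reply: the query with response flags patched in."""
    flags = 0x8180 | (TC_FLAG if truncated else 0)  # QR, RD, RA (+ TC)
    return query[:2] + struct.pack("!H", flags) + query[4:]

def is_truncated(udp_reply):
    """True when the reply header has the TC bit set."""
    if len(udp_reply) < 12:
        raise ValueError("shorter than a DNS header")
    (flags,) = struct.unpack("!H", udp_reply[2:4])
    return bool(flags & TC_FLAG)

def frame_for_tcp(message):
    """DNS over TCP sends each message behind a two-byte length field."""
    return struct.pack("!H", len(message)) + message

def next_transport(udp_reply, tcp_allowed):
    """What the resolver does after a UDP reply, given the firewall rule."""
    if not is_truncated(udp_reply):
        return "done-udp"
    return "retry-tcp" if tcp_allowed else "blocked-by-firewall"

# Constructed sample packets (example.com is a placeholder name).
QUERY = build_query("example.com")
SAMPLE_OK = make_reply(QUERY, truncated=False)
SAMPLE_TRUNCATED = make_reply(QUERY, truncated=True)

if __name__ == "__main__":
    for name, reply in (("complete", SAMPLE_OK), ("truncated", SAMPLE_TRUNCATED)):
        for tcp_allowed in (False, True):
            print(name, "tcp_allowed=%s" % tcp_allowed,
                  next_transport(reply, tcp_allowed))
    print("TCP retry bytes:", frame_for_tcp(QUERY).hex())
```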



More information about the bind-users mailing list