firewalling

[Ronan Flood]

"HuMPie" <humpie at grunn.org> wrote:

> Only allow UPD traffic is enough, TCP traffic is only needed if you are
> a master DNS server and need transferring zones to your slave.

Not true: you may need TCP if the response to a query is large and one
or other server doesn't support EDNS0 large UDP packets.

-- 
                      Ronan Flood <R.Flood at noc.ulcc.ac.uk>
                        working for but not speaking for
             Network Services, University of London Computer Centre
     (which means: don't bother ULCC if I've said something you don't like)