UDP open ports [was: ubuntu-devel Digest, Vol 23, Issue 16]
Ian Jackson
ian at davenant.greenend.org.uk
Mon Jul 10 16:30:25 BST 2006
Scott James Remnant writes ("Re: UDP open ports [was: ubuntu-devel Digest, Vol 23, Issue 16]"):
> But I do not believe [nameservers] must allow TCP/53 for responses
> that are SMALLER than a single UDP packet.
RFC1123 `Requirements for Internet Hosts - Application and Support'
aka STD-3:

  6.1.3.2 Transport Protocols

     DNS resolvers and recursive servers MUST support UDP, and
     SHOULD support TCP, for sending (non-zone-transfer) queries.
     Specifically, a DNS resolver or server that is sending a
     non-zone-transfer query MUST send a UDP query first. If the
     Answer section of the response is truncated and if the
     requester supports TCP, it SHOULD try the query again using
     TCP.

     DNS servers MUST be able to service UDP queries and SHOULD
     be able to service TCP queries. A name server MAY limit the
     resources it devotes to TCP queries, but it SHOULD NOT
     refuse to service a TCP query just because it would have
     succeeded with UDP.

Ian.
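
Added example (not part of the original message): a Python sketch of the requester behaviour in the quoted RFC 1123 section, sending over UDP first and retrying over TCP only when the response header has the TC (truncated) bit set. The `send_udp`/`send_tcp` transport hooks and the sample responses are constructed for illustration.

```python
import struct

TC_FLAG = 0x0200  # "truncated" bit in the DNS header flags word (RFC 1035)

def build_query(qname, qtype=1, txid=0x1234):
    """Encode a minimal DNS query: 12-byte header plus one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    labels = b"".join(bytes([len(part)]) + part.encode("ascii")
                      for part in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def is_truncated(response):
    """True if the response header has the TC bit set."""
    if len(response) < 12:
        raise ValueError("short DNS message")
    (flags,) = struct.unpack_from("!H", response, 2)
    return bool(flags & TC_FLAG)

def tcp_frame(message):
    """DNS over TCP prefixes each message with a two-byte length."""
    return struct.pack("!H", len(message)) + message

def resolve(qname, send_udp, send_tcp=None):
    """UDP first; retry over TCP only when the UDP answer is truncated.

    send_udp / send_tcp are caller-supplied transports (hypothetical hooks)
    that take request bytes and return response bytes. A requester without
    TCP support (send_tcp=None) keeps the truncated UDP answer.
    """
    query = build_query(qname)
    response = send_udp(query)
    if is_truncated(response) and send_tcp is not None:
        framed = send_tcp(tcp_frame(query))
        (length,) = struct.unpack_from("!H", framed, 0)
        return "tcp", framed[2:2 + length]
    return "udp", response

# Constructed sample responses (headers only, not captured traffic).
FULL = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)       # QR, RD, RA
TRUNCATED = struct.pack("!HHHHHH", 0x1234, 0x8380, 1, 0, 0, 0)  # same, plus TC

if __name__ == "__main__":
    print(resolve("example.com", lambda q: FULL, lambda q: tcp_frame(FULL)))
    print(resolve("example.com", lambda q: TRUNCATED, lambda q: tcp_frame(FULL)))
```

If TCP/53 is filtered, the second case has no way to obtain the full answer, which is why the RFC text matters for firewall policy.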