Reg: DNS issue

Hi All,

I am confused about DNS. I know that it uses port 53 and uses both TCP and UDP. But in which case will DNS use TCP, and in which case will DNS use UDP?

Please help.

Thanks 

Comments

  • UDP is for DNS queries, TCP is for DNS Zone Transfers.

    Typically, you would allow TCP/UDP 53 between your Internal and External DNS servers and only UDP 53 between the External DNS and your ISP DNS.

  • In Windows, a DNS response larger than 512 bytes will be truncated, and a flag in the response packet will trigger the client to re-query using TCP instead of UDP. Normally, if the response is a single IP address, UDP is good enough. However, when the response contains data other than IP addresses (e.g. TEXT records, SRV records, MX records, Reverse Lookups, etc.), the client may need to use TCP to obtain the whole response from the server.

    Reference: http://technet.microsoft.com/en-us/library/dd197515.aspx

  • Maybe this helps:

    PORT 53 - Information

    Port Number: 53
    TCP / UDP: UDP
    Delivery: No
    Protocol / Name: domain
    Port Description: Domain Name Server (DNS). DNS servers offer different services on TCP and UDP. TCP is used for "zone transfers" of full name record databases, while UDP is used for individual lookups.
    Security Concerns: Zone Transfers give away entire network maps; high value to attackers. DNS (BIND) is a popular target, since DNS servers must exist, must be reachable, and exploits usually result in DOS or root. Keep BIND version/patches current (refer to www.isca.org). Use "split-DNS".
    Virus / Trojan: No

  • The official statement:

    RFC 1123 Section 6.1.3.2

    Transport Protocols

    DNS resolvers and recursive servers MUST support UDP, and SHOULD support TCP, for sending (non-zone-transfer) queries. Specifically, a DNS resolver or server that is sending a non-zone-transfer query MUST send a UDP query first. If the Answer section of the response is truncated and if the requester supports TCP, it SHOULD try the query again using TCP.

    DNS servers MUST be able to service UDP queries and SHOULD be able to service TCP queries. A name server MAY limit the resources it devotes to TCP queries, but it SHOULD NOT refuse to service a TCP query just because it would have succeeded with UDP.


  • Thanks

    On Fri, May 22, 2009 at 5:25 PM, Ricardo Martins <[email protected]> wrote:

    UDP is for DNS queries, TCP is for DNS Zone Transfers.

    Typically, you would allow TCP/UDP 53 between your Internal and External DNS servers and only UDP 53 between the External DNS and your ISP DNS.

    Internetwork Expert - The Industry Leader in CCIE Preparation
    http://www.internetworkexpert.com

    Subscription information may be found at:
    http://www.ieoc.com/forums/ForumSubscriptions.aspx
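The rule quoted from RFC 1123 above (send the query over UDP first, retry over TCP only when the response comes back with the truncation flag set) worked through as an added example, not code from anyone in this thread. It builds a standard RFC 1035 query, inspects the header flags of a constructed response, and shows the 2-byte length prefix that DNS over TCP adds; the record type, transaction ID and response bytes are constructed for illustration.

```python
import struct

# Added example: RFC 1123 6.1.3.2 transport selection for a stub resolver.
# Assumes the standard 12-byte RFC 1035 header:
#   ID, FLAGS, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT (all 16-bit, big-endian).

def build_query(name: str, qtype: int = 1, txid: int = 0x1234) -> bytes:
    """Encode a single-question DNS query with the RD bit set. qtype 1 = A."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(lbl)]) + lbl.encode() for lbl in labels)
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def parse_header(msg: bytes) -> dict:
    """Return the header fields a resolver needs before trusting an answer."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {
        "id": txid,
        "qr": bool(flags & 0x8000),   # 1 = this is a response
        "tc": bool(flags & 0x0200),   # 1 = truncated: answer did not fit in UDP
        "rcode": flags & 0x000F,
        "qdcount": qd, "ancount": an,
    }

def to_tcp_frame(msg: bytes) -> bytes:
    """DNS over TCP prefixes each message with its 2-byte big-endian length."""
    return struct.pack("!H", len(msg)) + msg

def next_transport(udp_response: bytes, query_id: int, tcp_supported: bool = True) -> str:
    """Apply RFC 1123: accept the UDP answer unless TC is set and TCP is available."""
    h = parse_header(udp_response)
    if h["id"] != query_id or not h["qr"]:
        return "discard"        # not a response, or not the response to our query
    if h["tc"] and tcp_supported:
        return "retry-tcp"      # resend the same query inside a TCP frame
    return "accept-udp"

# Constructed responses to the same TXT question (the record type most likely
# to overflow 512 bytes): one complete, one with the TC flag set.
query = build_query("example.com", qtype=16)
complete = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + query[12:]
truncated = struct.pack("!HHHHHH", 0x1234, 0x8380, 1, 0, 0, 0) + query[12:]
```

A real resolver would follow "retry-tcp" by opening a TCP connection to port 53 and sending `to_tcp_frame(query)`, then reading the length-prefixed reply.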
