nanog mailing list archives

Re: using TCP53 for DNS

From: Stephane Bortzmeyer <bortzmeyer () nic fr>
Date: Wed, 27 Apr 2005 09:26:44 +0200


On Tue, Apr 26, 2005 at 03:04:25PM -0400,
 Patrick W. Gilmore <patrick () ianai net> wrote 
 a message of 46 lines which said:

I am interested in how many name servers - caching or authoritative
- are filtering incoming and/or outgoing TCP port 53.


For authoritative name servers of TLD, you can browse:

http://www.generic-nic.net/dyn/mon/

And see that incoming TCP is often filtered, even on serious TLD:


w: Server doesn't listen/answer on port 53 for TCP protocol

    * Ref: IETF RFC1035 (p.32 4.2. Transport)

      The DNS assumes that messages will be transmitted as datagrams or in a byte stream carried by a virtual circuit. 
While virtual circuits can be used for any DNS activity, datagrams are preferred for queries due to their lower 
overhead and better performance.

    * ns.cnc.ac.cn./159.226.1.1
    * ns.cernet.net./202.112.0.44

Current thread:

using TCP53 for DNS Patrick W. Gilmore (Apr 26)
- Re: using TCP53 for DNS Florian Weimer (Apr 26)
  - Re: using TCP53 for DNS Christopher L. Morrow (Apr 26)
    - Re: using TCP53 for DNS Florian Weimer (Apr 26)
    - Re: using TCP53 for DNS Christopher L. Morrow (Apr 26)
    - Re: using TCP53 for DNS Stephane Bortzmeyer (Apr 27)
  - Re: using TCP53 for DNS Patrick W. Gilmore (Apr 26)
    - Re: using TCP53 for DNS Stephane Bortzmeyer (Apr 27)
- Re: using TCP53 for DNS Stephane Bortzmeyer (Apr 27)
- Re: using TCP53 for DNS Nils Ketelsen (Apr 28)