[80192] in North American Network Operators' Group
Re: using TCP53 for DNS
daemon@ATHENA.MIT.EDU (Stephane Bortzmeyer)
Wed Apr 27 03:32:03 2005
Date: Wed, 27 Apr 2005 09:26:44 +0200
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: "Patrick W. Gilmore" <patrick@ianai.net>
Cc: nanog@merit.edu
In-Reply-To: <13C80745-79D4-4D80-8368-E58233538C05@ianai.net>
Errors-To: owner-nanog@merit.edu
On Tue, Apr 26, 2005 at 03:04:25PM -0400,
Patrick W. Gilmore <patrick@ianai.net> wrote
a message of 46 lines which said:
> I am interested in how many name servers - caching or authoritative
> - are filtering incoming and/or outgoing TCP port 53.
For authoritative name servers of TLDs, you can browse:
http://www.generic-nic.net/dyn/mon/
And see that incoming TCP is often filtered, even on serious TLDs:
w: Server doesn't listen/answer on port 53 for TCP protocol
* Ref: IETF RFC1035 (p.32 4.2. Transport)
The DNS assumes that messages will be transmitted as datagrams or in a byte stream carried by a virtual circuit. While virtual circuits can be used for any DNS activity, datagrams are preferred for queries due to their lower overhead and better performance.
* ns.cnc.ac.cn./159.226.1.1
* ns.cernet.net./202.112.0.44
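
The kind of check behind the warning quoted above, written as an added example that is not part of the original message and is not the monitoring tool's own code: it sends one DNS query over TCP using the two-byte length framing of RFC 1035 section 4.2.2 and reports whether a DNS response comes back. The function names, the fixed transaction ID and the sample address are assumptions made for this illustration.

```python
import socket
import struct

TXID = 0x1234  # constructed transaction ID, fixed so the reply can be matched

def build_query(zone, qtype=2):
    """DNS query for `zone` (QTYPE 2 = NS, class IN), recursion not requested."""
    header = struct.pack("!HHHHHH", TXID, 0x0000, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p
                      for p in zone.encode("ascii").split(b".") if p)
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def frame_tcp(message):
    """RFC 1035 4.2.2: on TCP a two-byte length field precedes each message."""
    return struct.pack("!H", len(message)) + message

def recv_exact(sock, n):
    """Read exactly n bytes; TCP may deliver the message in several pieces."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("closed before a full message arrived")
        buf += chunk
    return buf

def probe(sock, zone):
    """Send one framed query on a connected socket; return (ok, detail)."""
    sock.sendall(frame_tcp(build_query(zone)))
    (length,) = struct.unpack("!H", recv_exact(sock, 2))
    reply = recv_exact(sock, length)
    if len(reply) < 12:
        return False, "reply shorter than a DNS header"
    txid, flags = struct.unpack("!HH", reply[:4])
    if txid != TXID or not flags & 0x8000:  # QR bit must mark a response
        return False, "reply does not match our query"
    return True, "answered over TCP, rcode=%d" % (flags & 0x000F)

def check_tcp_dns(host, zone, port=53, timeout=5.0):
    """Connect to host:port over TCP and probe it; filtering shows as ok=False."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            return probe(s, zone)
    except OSError as exc:  # refused, timed out, unreachable, closed early
        return False, "no answer over TCP: %s" % exc

if __name__ == "__main__":
    # 192.0.2.53 is a documentation address (RFC 5737); substitute a server you run.
    print(check_tcp_dns("192.0.2.53", "example.", timeout=3))
```

A refused connection and a silent drop both come back as ok=False; the detail string carries the socket error that tells them apart.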