Re: DNS lookup delay with centos & postfix




On Jul 25, 2012, at 21:27, "Joseph L. Casale" <jcasale@xxxxxxxxxxxxxxxxx> wrote:

>> DNS lookups default to using 53/udp, and only use 53/tcp for zone
>> transfers.  could it be 53/udp is being lost/blocked between this host
>> and your ns1 ?
> 
> Unfortunately that is a common misconception.
> 
> TCP is used far more often than "only" as stated, such as for size of request
> exceeding UDP response size etc...
> 
> Bottom line is both ports are needed, not just for zone xfers.
> 
Except that the malware guys have figured out how to abuse port 53. Security recommendation is to block TCP unless you're running a DNS server. And also block oversize port 53 UDP packets. 

Dave M 
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
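
How a resolver decides to fall back from 53/udp to 53/tcp, which is the behaviour the replies above disagree about filtering, shown as an added example that is not part of the original thread. The packets are constructed sample data, the function names are hypothetical, and the 512-byte figure is the classic RFC 1035 UDP limit without EDNS0.

```python
import struct

CLASSIC_UDP_LIMIT = 512  # RFC 1035 limit for a DNS message over UDP without EDNS0
QR_BIT, TC_BIT = 0x8000, 0x0200  # response flag and truncation flag in the header

def inspect_udp_payload(payload: bytes) -> dict:
    """Parse the 12-byte DNS header of one UDP payload (hypothetical helper)."""
    if len(payload) < 12:
        raise ValueError("shorter than a DNS header")
    txid, flags, qd, an, ns, ar = struct.unpack("!6H", payload[:12])
    truncated = bool(flags & QR_BIT) and bool(flags & TC_BIT)
    return {
        "id": txid,
        "rcode": flags & 0x000F,
        "answers": an,
        "size": len(payload),
        "over_classic_limit": len(payload) > CLASSIC_UDP_LIMIT,
        "needs_tcp_retry": truncated,  # TC=1: client is expected to repeat the query over TCP
    }

def outcome(info: dict, tcp53_allowed: bool) -> str:
    """What happens to the lookup under a given 53/tcp filtering policy."""
    if not info["needs_tcp_retry"]:
        return "answered-over-udp"
    return "retry-over-tcp" if tcp53_allowed else "tcp-retry-blocked"

# Constructed sample packets: a question for example.com, type A, class IN.
QUESTION = b"\x07example\x03com\x00" + struct.pack("!2H", 1, 1)
ANSWER = b"\xc0\x0c" + struct.pack("!2HIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
NORMAL = struct.pack("!6H", 0x1A2B, 0x8180, 1, 1, 0, 0) + QUESTION + ANSWER
TRUNCATED = struct.pack("!6H", 0x1A2C, 0x8380, 1, 0, 0, 0) + QUESTION

if __name__ == "__main__":
    for name, pkt in (("normal", NORMAL), ("truncated", TRUNCATED)):
        info = inspect_udp_payload(pkt)
        for allowed in (True, False):
            print(name, "tcp53_allowed=%s" % allowed, outcome(info, allowed), info["size"])
```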

