 From:  Robert Goodyear <me at jrob dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Are TCP DNS queries possible?
 Date:  Tue, 13 Sep 2005 15:53:03 -0700
On Sep 13, 2005, at 3:40 PM, Steve Yates wrote:

> On Tue, 13 Sep 2005 23:32:04 +0100
> "Neil A. Hillard" <m0n0 at dana dot org dot uk> wrote:
>
>
>> RFC1035 states:
>>
>>> While virtual circuits can be used for any DNS activity, datagrams are
>>> preferred for queries due to their lower overhead and better
>>> performance.
>>>
>> Which is obviously why M$ chose TCP over UDP - nice, thanks Bill.
>>
>
>     He he, I didn't READ the RFCs, I just quoted the technote.  :)  I
> think Microsoft's point was that a big MX record might be "too big" for
> UDP.
>
>     The original poster should also make sure that TCP port 53 is
> not blocked on the relevant firewall rules pages.

OP here... yes, 53 is open; as I said everything works fine if I pass  
through m0n0 to my upstream DNS.

Hope I didn't open a can of worms here, and I do appreciate all the  
banter and references to RFCs.

Neil: I am running v 1.11