[CentOS] DNS lookup delay with centos & postfix
David McGuffey
davidmcguffey at verizon.netThu Jul 26 01:40:07 UTC 2012
- Previous message: [CentOS] DNS lookup delay with centos & postfix
- Next message: [CentOS] DNS lookup delay with centos & postfix
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Jul 25, 2012, at 21:27, "Joseph L. Casale" <jcasale at activenetwerx.com> wrote: >> DNS lookups default to using 53/udp, and only use 53/tcp for zone >> transfers. could it be 53/udp is being lost/blocked between this host >> and your ns1 ? > > Unfortunately that is a common misconception. > > Tcp is used far more often than "only" as stated such as for size of request > exceeding udp response size etc... > > Bottom line is both ports are needed, not just for zone xfers. > Except that the malware guys have figured out how to abuse port 53. Security recommendation is to block TCP unless you're running a DNS server. And also block oversize port 53 UDP packets. Dave M
- Previous message: [CentOS] DNS lookup delay with centos & postfix
- Next message: [CentOS] DNS lookup delay with centos & postfix
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list