Groups | Search | Server Info | Login | Register

Groups > comp.protocols.dns.bind > #16051

Re: intermittent failures and queries sent over TCP

From David Newman <dnewman@networktest.com>
Newsgroups comp.protocols.dns.bind
Subject Re: intermittent failures and queries sent over TCP
Date 2020-08-18 18:12 -0700
Message-ID <mailman.804.1597799531.942.bind-users@lists.isc.org> (permalink)
References <6538a35f-d361-7522-a34f-65defb021f05@networktest.com> <83C7A42D-9AEC-494C-8765-0AFB612253E0@isc.org> <40a3ce22-5394-7511-4e18-9cb25baa94b7@networktest.com>

Show all headers | View raw

On 8/18/20 5:55 PM, Mark Andrews wrote:

> If you are getting RST responses check your firewall settings.  RST is often forged
> when TCP is blocked.  The root servers normally accept TCP connections.
> 
> % dig +tcp gmail.com @a.root-servers.net +dnssec

Bingo. This query failed before adding a rule to the upstream firewall
to allow outbound queries, and works now.

Thanks!

dn

Back to comp.protocols.dns.bind | Previous | Next | Find similar

Thread

Re: intermittent failures and queries sent over TCP David Newman <dnewman@networktest.com> - 2020-08-18 18:12 -0700

csiph-web