subject:"Re\: intermittent failures and queries sent over TCP"

Re: intermittent failures and queries sent over TCP

2020-08-18 Thread David Newman

On 8/18/20 5:55 PM, Mark Andrews wrote: > If you are getting RST responses check your firewall settings. RST is often > forged > when TCP is blocked. The root servers normally accept TCP connections. > > % dig +tcp gmail.com @a.root-servers.net +dnssec Bingo. This query failed before adding a

Re: intermittent failures and queries sent over TCP

2020-08-18 Thread Mark Andrews

Named will try TCP when the server returns TC=1 (TrunCated) in the UDP response. If you are getting RST responses check your firewall settings. RST is often forged when TCP is blocked. The root servers normally accept TCP connections. % dig +tcp gmail.com @a.root-servers.net +dnssec ; <<>> Di