Then, you can forget about DNSSEC for example ... Lio
-----Message d'origine----- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de ed Envoyi : vendredi 7 octobre 2005 19:25 Cc : misc@openbsd.org Objet : Re: CARP+Pfsync+Bind On Thu, 6 Oct 2005 19:52:31 -0400 "Dave Anderson" <[EMAIL PROTECTED]> wrote: > Responses long enough so that required information is truncated should > be rare, so perhaps you've been lucky and not encountered any yet. I understand fully what you are saying, but I just don't want to serve DNS via TCP. I'm as sure as I can be that no replies exceed 512 bytes. If it ever becomes a problem I'll use tcpserver to provide it, but it's been fine for a long time, and it's safe, at least in my case, to assume TCP is for zone transfers, YMMV. -- Regards, Ed http://www.usenix.org.uk
