** Reply to message from "Constantine A. Murenin" <[EMAIL PROTECTED]> on Tue, 20 Jun 2006 16:07:25 +0100
>Hello,
>
>I'm running an sshd on port 53 (domain) as there is some convenient
>wireless hot-spot that allows for both udp and tcp connection on this
>port without any authentication. :)
>
>(Yes, there is not even a need for NSTX!)
>
>How do I tell my named(8) to only listen on udp ports, and leave tcp
>ports for sshd(8)? Is this at all possible with named.conf alone? I've
>glanced through named.conf(5), but didn't find the desired option
>there...

If you look at the RFCs defining DNS you'll quickly discover that TCP
access is *required* for all servers. While it's mostly used for zone
transfers, *any* request whose answer is too large to fit in a single UDP
packet must be retried via TCP.

In other words, it's not possible to do what you want. (It can *appear* to
work, but you'll have obscure problems where some requests quietly fail for
no obvious reason.)

	Dave

-- 
Dave Anderson
<[EMAIL PROTECTED]>
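
Added example, not part of the original message and not code from BIND: the UDP-then-TCP retry that the reply describes, written in Python. fake_server and its zero-filled payload are constructed stand-ins for named, tcp_send=None is an assumption that models TCP/53 not answering DNS, and the 512-byte limit assumes no EDNS0.

```python
import struct

TC_FLAG = 0x0200   # TC (truncated) bit in the DNS header flags word, RFC 1035
UDP_LIMIT = 512    # classic DNS-over-UDP message limit (assumes no EDNS0)

def build_query(name, qtype=16, txid=0x1234):
    """Encode a minimal query: RD set, one question, class IN (qtype 16 = TXT)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def is_truncated(message):
    """True when the responder set TC: the answer did not fit in one UDP packet."""
    if len(message) < 12:
        raise ValueError("shorter than a DNS header")
    return bool(struct.unpack("!H", message[2:4])[0] & TC_FLAG)

def frame_for_tcp(message):
    """DNS over TCP prefixes every message with a two-byte length field."""
    return struct.pack("!H", len(message)) + message

def fake_server(query, transport, answer_size):
    """Constructed stand-in for named; the payload is zero filler, not real RRs."""
    txid, question = query[:2], query[12:]
    if transport == "udp" and 12 + len(question) + answer_size > UDP_LIMIT:
        # Too large for UDP: echo the question, no answers, QR|TC|RD set.
        return txid + struct.pack("!HHHHH", 0x8300, 1, 0, 0, 0) + question
    full = txid + struct.pack("!HHHHH", 0x8100, 1, 1, 0, 0) + question + b"\x00" * answer_size
    return frame_for_tcp(full) if transport == "tcp" else full

def resolve(query, udp_send, tcp_send):
    """Client side: ask over UDP, retry over TCP when the reply has TC set."""
    reply = udp_send(query)
    if not is_truncated(reply):
        return "udp", reply
    if tcp_send is None:   # assumption: models TCP/53 not answering DNS
        raise ConnectionError("truncated answer and no DNS service on TCP/53")
    framed = tcp_send(frame_for_tcp(query))
    (length,) = struct.unpack("!H", framed[:2])
    return "tcp", framed[2:2 + length]

def demo(answer_size, tcp_available=True):
    """Run one lookup against fake_server and report which transport answered."""
    udp = lambda q: fake_server(q, "udp", answer_size)
    tcp = (lambda f: fake_server(f[2:], "tcp", answer_size)) if tcp_available else None
    return resolve(build_query("example.org"), udp, tcp)
```

demo(50) is answered over UDP and demo(900) over TCP; demo(900, tcp_available=False) raises ConnectionError, which is the small-answers-work, large-answers-fail behaviour the reply warns about.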