Daniel Bourque wrote:
BUT , before I added the UDP dns firewall rules. I could successfully do : lookups using the host command , lookups with the example snippet in the Net::DNS man page all DNS & RBL tests with my older SA installation ( 3.0.4 )
Those methods might have used fallback from UDP to TCP then. Still, the lookups should have been slower than using UDP (especially if they did try UDP before TCP).
Normally UDP is preferred (and the default) unless a query (or the expected answer) is too large to fit in one packet (because DNS is faster over UDP than over TCP.
This is especially important for things like SA that can end up making a *huge* amount of small queries with small answers.
maybe the newert SA versions forces Net::DNS to use UDP where old versions didn't ...
I've no idea if it does, but it would make sense. Regards /Jonas -- Jonas Eckerman, FSDB & Fruktträdet http://whatever.frukt.org/ http://www.fsdb.org/ http://www.frukt.org/
