
configuring DNS on firewall

Is it necessary to allow both UDP and TCP port 53 for accessing DNS servers through a firewall access-list?

1 ACCEPTED SOLUTION

Re: configuring DNS on firewall

tcp/53 is used for zone-transfers. If you are doing just normal queries, udp/53 will suffice.

4 REPLIES

Re: configuring DNS on firewall

Thanks, Vikram.

Re: configuring DNS on firewall

Here is another reason why tcp/53 is used: "A client can use TCP whenever it wants, and has to use TCP when the response it gets via UDP is truncated because it is too long."

Re: configuring DNS on firewall

tcp/53 is also used for large transfers.
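
The truncation fallback quoted in the thread, as an added example that is not part of any poster's reply: a resolver reads the TC bit in the DNS header of the UDP reply and, if it is set, repeats the query over tcp/53 with a 2-byte length prefix. The sample messages, the name `example.com` and the transaction ids are constructed for illustration.

```python
import struct

TC = 0x0200  # truncation bit in the DNS header flags word (RFC 1035)
QR = 0x8000  # set in responses, clear in queries

def build_query(name, txid, qtype=1):
    """Encode a one-question DNS query (A record by default)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_header(msg):
    """Return (id, flags, answer count) from the fixed 12-byte header."""
    if len(msg) < 12:
        raise ValueError("DNS message shorter than its 12-byte header")
    txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return txid, flags, ancount

def next_step(query, udp_response):
    """Decide what a resolver does with a reply received over udp/53."""
    qid, _, _ = parse_header(query)
    rid, flags, _ = parse_header(udp_response)
    if not flags & QR or rid != qid:
        return "discard"      # not a response to this query
    if flags & TC:
        return "retry-tcp"    # reply did not fit; repeat the query on tcp/53
    return "accept"

def frame_for_tcp(msg):
    """DNS over TCP prefixes each message with a 2-byte length."""
    return struct.pack("!H", len(msg)) + msg

def with_flags(msg, flags):
    """Helper for the constructed samples: rewrite the flags word."""
    return msg[:2] + struct.pack("!H", flags) + msg[4:]

# Constructed sample messages, not captured traffic.
QUERY = build_query("example.com", txid=0x1A2B)
COMPLETE = with_flags(QUERY, 0x8180)    # QR, RD, RA
TRUNCATED = with_flags(QUERY, 0x8380)   # QR, TC, RD, RA
MISMATCHED = with_flags(build_query("example.com", txid=0x9999), 0x8180)

if __name__ == "__main__":
    for label, reply in [("complete", COMPLETE), ("truncated", TRUNCATED),
                         ("wrong id", MISMATCHED)]:
        print(label, "->", next_step(QUERY, reply))
    print("tcp frame starts with", frame_for_tcp(QUERY)[:2].hex())
```

If the access-list permits only udp/53, the `retry-tcp` step has nowhere to go, so names whose answers are truncated fail to resolve while short answers keep working.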
