04-03-2004 11:11 PM - edited 02-20-2020 09:24 PM
When writing an access-list to allow DNS, should I allow only UDP or both UDP/TCP? I have no requirement to allow any zone transfers and so I guess allowing TCP would not be necessary. Would just like to confirm.
Vito
04-04-2004 07:33 AM
TCP is necessary for any replies over 512 bytes. My experience has been that for Windows-centric environments, allowing TCP is a good thing (even though I block zone transfers).
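An added example, not part of the original thread: a Python sketch of the two points in the reply above. A UDP reply with the TC (truncated) flag set makes the resolver retry over TCP, and a zone transfer differs from an ordinary TCP lookup only by its query type (AXFR) inside the payload, which an access-list matching on protocol and port 53 cannot see. The function names are hypothetical and the sample messages are constructed.

```python
import struct

QTYPE_A, QTYPE_AXFR = 1, 252   # RFC 1035 query types
TC_BIT = 0x0200                # "truncated" flag in the DNS header

def build_query(name, qtype, txid=0x1234):
    """Build a minimal DNS query message (header + one question)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)       # class IN

def parse_header_and_question(msg):
    """Return (flags, qtype) for a message carrying one uncompressed question."""
    _, flags, qdcount, _, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    pos = 12
    while msg[pos] != 0:            # skip the length-prefixed labels
        pos += 1 + msg[pos]
    qtype, _ = struct.unpack("!HH", msg[pos + 1:pos + 5])
    return flags, qtype

def needs_tcp_retry(udp_response):
    """A resolver retries over TCP when the server set TC in the UDP reply."""
    flags, _ = parse_header_and_question(udp_response)
    return bool(flags & TC_BIT)

def tcp_frame(msg):
    """DNS over TCP prefixes each message with a 2-byte length."""
    return struct.pack("!H", len(msg)) + msg

def is_zone_transfer(tcp_segment):
    """Only the payload (QTYPE=AXFR) tells a transfer from a normal lookup."""
    (length,) = struct.unpack("!H", tcp_segment[:2])
    _, qtype = parse_header_and_question(tcp_segment[2:2 + length])
    return qtype == QTYPE_AXFR

# Constructed sample: a reply whose full answer would exceed 512 bytes, so the
# server returns only the question with QR=1, TC=1, RD=1, RA=1 (flags 0x8380).
query = build_query("example.com", QTYPE_A)
truncated_reply = query[:2] + struct.pack("!H", 0x8380) + query[4:]

if __name__ == "__main__":
    print("retry over TCP:", needs_tcp_retry(truncated_reply))
    print("A lookup over TCP is a transfer:", is_zone_transfer(tcp_frame(query)))
    axfr = build_query("example.com", QTYPE_AXFR)
    print("AXFR over TCP is a transfer:", is_zone_transfer(tcp_frame(axfr)))
```

Both TCP messages in the sample go to the same port, so the restriction on transfers has to be enforced by the DNS server or by a device that inspects the DNS payload.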
04-04-2004 06:31 PM
Thanks.
How do you block zone transfers on the firewall if you allow TCP? I assume you mean this is done on the DNS server itself.
Thanks
04-05-2004 03:34 AM
What DNS server are you running? On Win2k, you right-click the server name in the DNS MMC snap-in, and it is on one of the tabs.
04-05-2004 04:50 AM
The server is set up by the client and so I will have them check their configuration.
Thanks for answering my questions
Vito