dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
293
share rss forum feed


gwion
wild colonial boy
Premium,ExMod 2001-08
join:2000-12-28
Pittsburgh, PA
kudos:1

See also, UDP port 53...

Typically, you will not need to allow TCP connections to or from remote port 53, unless you are using specific applications that query nameservers directly.
--
"Anger makes dull men witty, but it keeps them poor."
Elizabeth I, in Francis Bacon, Apophthegms, 1625



PetePuma
How many lumps do you want
Premium,MVM
join:2002-06-13
Arlington, VA

said by gwion:
Typically, you will not need to allow TCP connections to or from remote port 53, unless you are using specific applications that query nameservers directly.

No, you really need both. Normally, replies to DNS requests will come over UDP port 53, as stated above. However, if the reply size is greater than the size of a single UDP packet, the response will instead come via TCP port 53, even for "normal" requests from applications.