large organization nameservers sending icmp packets to dns servers.

David Schwartz davids at
Tue Aug 7 21:07:26 UTC 2007

> The point is, if you are the authority, you know how big the packet
> is.  If you know it ain't over 512, then you don't need TCP.
> Or are you saying you do?  Wouldn't it be 'incredibly stupid' for
> recursive servers to -require- TCP, even for < 512 byte packets?

A TCP query is just as valid as a UDP query. If you claim to provide DNS for
a zone but fail to respond to valid queries, you are breaking your promise.
It's not whether or not you need TCP. It's that if you promise to provide a
service, you should in fact provide that service.
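
The point argued in this message, as an added example that is not part of the original post: a DNS query is the same wire message on either transport (TCP only adds a 2-byte length prefix), so a monitoring probe can judge whether a nameserver answers valid queries on both. The function names, verdict strings and sample replies below are constructed for illustration.

```python
import struct

TC_BIT = 0x0200  # "truncated" flag in the DNS header flags word

def build_query(name, qtype=1, txid=0x1234):
    """Wire-format query: 12-byte header plus one question in class IN."""
    header = struct.pack("!6H", txid, 0, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!2H", qtype, 1)

def frame_tcp(msg):
    """Over TCP the same message travels behind a 2-byte length prefix."""
    return struct.pack("!H", len(msg)) + msg

def unframe_tcp(stream):
    """Return the first complete message in a TCP byte stream, or None."""
    if len(stream) < 2:
        return None
    (length,) = struct.unpack("!H", stream[:2])
    return stream[2:2 + length] if len(stream) >= 2 + length else None

def is_truncated(msg):
    """True when the reply tells the client to retry over TCP."""
    return bool(struct.unpack("!H", msg[2:4])[0] & TC_BIT)

def classify(udp_reply, tcp_stream):
    """Judge one server from what a probe captured on each transport.
    None (or an empty stream) means no reply arrived before the timeout."""
    tcp_reply = unframe_tcp(tcp_stream) if tcp_stream else None
    if udp_reply is None and tcp_reply is None:
        return "no-service"
    if tcp_reply is None:
        # A valid TCP query went unanswered; fatal if UDP said "retry over TCP".
        return "tcp-required-but-dead" if is_truncated(udp_reply) else "tcp-ignored"
    if udp_reply is None:
        return "udp-ignored"
    return "ok"

def make_reply(query, truncated=False):
    """Constructed sample reply: the query echoed with QR and AA set."""
    flags = 0x8400 | (TC_BIT if truncated else 0)
    return query[:2] + struct.pack("!H", flags) + query[4:]

if __name__ == "__main__":
    q = build_query("example.com")
    for udp, tcp in [(make_reply(q), frame_tcp(make_reply(q))),
                     (make_reply(q), None),
                     (make_reply(q, truncated=True), None)]:
        print(classify(udp, tcp))
```
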


More information about the NANOG mailing list