[MaraDNS list] TCP
Sam Trenholme
maradns at gmail.com
Wed Nov 30 12:17:21 EST 2011
> ? dig williams.periapt. @127.0.0.3 +tcp
> ;; communications error to 127.0.0.3#53: end of file
[...]
> However there is still the question as to whether it would be possible
> for the zoneserver to pass an error message to the client before closing
> the connection so that the client can present a meaningful message such
> as "permission denied".
The reason for this unusual behavior is because this is how djbdns
handles unauthorized DNS-over-TCP requests; back in 2001 I was
emulating its behavior. I also used random source ports for upstream
requests since the beginning, which got praised by ZDnet a few years
later, so I think I did the right thing at the time.
djbdns is really an excellent DNS server, and it was a good starting
point for MaraDNS' design.
- Sam