spf-discuss

Re: New DNS record issue.

2004-01-13 11:02:30
In 
<Pine(_dot_)LNX(_dot_)4(_dot_)33L2(_dot_)0401131222210(_dot_)26710-100000(_at_)clarissa(_dot_)spodnet(_dot_)org>
 Tim Gladding <tim(_at_)gladding(_dot_)com> writes:

>> And we end up with responses over 500 bytes, game over.
>
> Since when was DNS limited to only 500 byte responses?

There are more than a few broken firewalls that don't allow TCP DNS
packets through.  They assume that all DNS is UDP and UDP is limited
to around 500 bytes.  There are also older versions of DNS software
(server and client) that still don't understand DNS over TCP.  

Also, even if you *could* reliably use DNS over TCP, it is *far*
slower than DNS over UDP.  Probably around a factor of 10 slower.


I think it is best to not count on DNS over TCP, and use it only as a
very last resort.


-wayne

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription, please go to
http://v2.listbox.com/member/?listname(_at_)

