Re: Why does DNS.EXE listen on an ephemeral TCP port?
Brian K. Dori wrote:
Hi Ace,

Thanks for the reply, but I don't know if we are talking about the same
thing.

comments inline.

"Ace Fekay [MVP]" <PleaseAskMe@xxxxxxxxxxxxxx> wrote:

That's part of the Windows connection method. The initial port is
53 UDP; then, if over 512 bytes, it will revert to TCP, unless of
course using Windows 2003 DNS, which supports EDNS0, which allows
UDP responses up to 1280 bytes.

Right, but when my name server makes a query to another name server,
and the response size will be over 512 bytes, that server responds
via UDP to my server and then my server originates a TCP connection
(from an ephemeral local TCP port to a destination of TCP 53 on the
server). I understand why my server listens on a UDP port, but I
don't think this explains why my server is LISTENING on a TCP port.
In order for a TCP listening port to be used, some mechanism must
exist for my server to inform another machine about the port number
it's listening on (RPC perhaps), and another machine would have to
initiate the connection. The TCP listening port is not the same
number as the UDP listening port. I can't find anything that
indicates that another server would initiate a TCP connection to my
server in response to a query, or how a query would indicate which
TCP port to respond on. It was suggested it might be a control port
(like what ndc on BIND would use), but my testing shows that running
the remote MMC DNS console doesn't use it.

DNS listens on both UDP and TCP 53, but when a DNS server sends a query to
another server on port 53, the response comes back on an ephemeral port,
which DNS also listens on.



--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
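The UDP-then-TCP exchange Brian describes, written out from the querying server's side as an added example (this is not code from the thread or from the Windows DNS service). It builds a query, optionally with an EDNS0 OPT record advertising a 1280-byte UDP buffer as quoted above, checks the TC (truncation) bit on the UDP reply, and on truncation re-sends the same query over a fresh outbound TCP connection using the 2-byte length framing DNS uses over TCP. The name example.test, the transaction ID 0x1234 and the sample truncated reply bytes are constructed for illustration. Note in `resolve` that the local port of the TCP leg is the source port the OS assigns to an outbound socket; the code never calls `listen`, so a resolver doing only this fallback has no TCP listener beyond port 53.

```python
# Added example (not from the thread): a minimal stub resolver that performs the
# UDP-then-TCP exchange described above. Names, the 0x1234 transaction ID and the
# sample reply bytes are constructed for illustration.
import socket
import struct

DNS_PORT = 53
CLASSIC_UDP_MAX = 512     # RFC 1035 UDP payload limit without EDNS0
EDNS_UDP_SIZE = 1280      # buffer size the thread quotes for Windows 2003 DNS
FLAG_TC = 0x0200          # TrunCation bit in the header flags word
QUERY_ID = 0x1234         # fixed transaction ID (constructed; real resolvers randomize it)


def encode_name(name):
    """Encode a dotted name as DNS labels terminated by the root label."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def build_query(name, qtype=1, txid=QUERY_ID, edns_size=None):
    """Build a recursive A query; with edns_size, append an OPT RR advertising that UDP size."""
    arcount = 1 if edns_size else 0
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, arcount)   # RD=1
    question = encode_name(name) + struct.pack("!HH", qtype, 1)          # QCLASS=IN
    opt = b""
    if edns_size:
        # OPT RR (RFC 6891): root name, TYPE=41, CLASS carries the UDP payload size,
        # TTL carries extended RCODE/version/flags (all zero here), RDLENGTH=0.
        opt = b"\x00" + struct.pack("!HHIH", 41, edns_size, 0, 0)
    return header + question + opt


def parse_header(msg):
    """Return the 12-byte DNS header as a dict, including the decoded TC flag."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "flags": flags, "tc": bool(flags & FLAG_TC),
            "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar}


def needs_tcp_retry(udp_response, txid=QUERY_ID):
    """A resolver retries over TCP when the matching UDP reply has TC=1."""
    h = parse_header(udp_response)
    return h["id"] == txid and h["tc"]


def tcp_frame(msg):
    """DNS over TCP prefixes every message with a 2-byte big-endian length (RFC 1035 4.2.2)."""
    return struct.pack("!H", len(msg)) + msg


def tcp_unframe(stream):
    """Strip the length prefix, checking that the whole message has arrived."""
    if len(stream) < 2:
        raise ValueError("incomplete length prefix")
    (n,) = struct.unpack("!H", stream[:2])
    if len(stream) < 2 + n:
        raise ValueError("incomplete TCP DNS message")
    return stream[2:2 + n]


def resolve(name, server, edns_size=None, timeout=3.0):
    """Send over UDP first; if the reply is truncated, re-send the same query over TCP."""
    query = build_query(name, edns_size=edns_size)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as udp:
        udp.settimeout(timeout)
        udp.sendto(query, (server, DNS_PORT))
        reply, _ = udp.recvfrom(65535)       # reply arrives on this socket's ephemeral UDP port
    if not needs_tcp_retry(reply):
        return reply, "udp"
    # Outbound connection: the OS picks an ephemeral *source* port for this socket;
    # the remote side is TCP/53 and nothing here is put into a listening state.
    with socket.create_connection((server, DNS_PORT), timeout=timeout) as tcp:
        tcp.sendall(tcp_frame(query))
        buf = b""
        while len(buf) < 2 or len(buf) < 2 + struct.unpack("!H", buf[:2])[0]:
            chunk = tcp.recv(65535)
            if not chunk:
                raise ConnectionError("server closed before full reply")
            buf += chunk
    return tcp_unframe(buf), "tcp"


# Constructed sample: a truncated UDP reply (QR=1, TC=1, RD=1 -> flags 0x8300) that echoes
# the question and carries no answers, as a server sends when the answer exceeds its limit.
SAMPLE_TRUNCATED_REPLY = (struct.pack("!HHHHHH", QUERY_ID, 0x8300, 1, 0, 0, 0)
                          + encode_name("example.test") + struct.pack("!HH", 1, 1))

if __name__ == "__main__":
    print("retry over TCP:", needs_tcp_retry(SAMPLE_TRUNCATED_REPLY))
```

Running `resolve("example.test", "<your server>")` against a real server performs the live exchange; the offline pieces (`build_query`, `parse_header`, `needs_tcp_retry`, `tcp_frame`) can be exercised with the constructed reply alone.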
