Vesta Control Panel - Forum

Community Forum
https://forum.vestacp.com/

nameserver running over TCP can you set

https://forum.vestacp.com/viewtopic.php?f=13&t=9637

Page 1 of 1

nameserver running over TCP can you set

Posted: Sat Nov 07, 2015 9:29 am
by weergave
The name server failed to answer queries sent over TCP. This is probably due to the name server not correctly set up or due to misconfgured filtering in a firewall. It is a rather common misconception that DNS does not need TCP unless they provide zone transfers - perhaps the name server administrator is not aware that TCP usually is a requirement.

Re: nameserver running over TCP can you set

Posted: Thu Jan 21, 2016 7:06 pm
by Felix
I was reading an article about allowing TCP on DNS and they seem to have some good points to do so:
  • DNSSEC Creates Larger DNS Responses which are over the 512 bytes limit of UDP
  • IPv6 DNS Lookups May be Larger Than 512 Bytes, which is the limit of UDP
Maybe consider this information for the next versions?

Re: nameserver running over TCP can you set

Posted: Fri Jan 22, 2016 11:12 am
by Felix
Taken from here.

You can allow this by opening TCP port 53 on Vesta firewall. Add a new firewall rule and set:
Action: ACCEPT
Protocol: TCP
PORT: 53
IP address: 0.0.0.0/0
Comment: DNS
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/