Forum Discussion
Khaled_HA
Altocumulus
AltocumulusConfiguring listener IP for TCP
Hay folks! I am preparing for the 302 exam and I ran into this " DNS zone transfers use TCP port 53. If you do not configure a listener for TCP the client might receive the error: connection refuse...
Hi Khaled_HA,
UPD is limited to 512 bytes. Some of the newer record types might contain messages that exceed the 512 byte limit and use TCP as fallback.
- See: RFC 5966 - DNS Transport over TCP - Implementation Requirements
- And also: K91537308: Overview of the truncating rule when DNS response size is over 512 Bytes
I never tried to pass the 302 exam. However, I am 100% it is for BIG-IP 12.1. You are looking at an article that is relevant for 14.1 to 16.1. Make sure you are looking the relevant sources (K29900360: F5 certification | Exams and blueprints).
KR
DanielI will try to answer your second question too:
This solution (K14510: Overview of DNS query processing on BIG-IP systems) explains in which order the BIG-IP processes DNS requests and how to configure Unhandled Query Actions. One setting for unhandled queries is Reject.
- Use the Reject setting to return a REFUSED status for the DNS query.
DISCLAIMER: I admit that I am not an expert for BIG-IP DNS. Maybe this is not the only correct answer to your question.
Hi,
Creating DNS listeners TCP or UDP will depend on the customer that consumes the service, or the device that must use the DNS for resolution.
To create a TCP listener you need to run the same steps when you create your UDP listener:
1. In the path DNS ›› Delivery : Listeners : Listener List click create.
2. Set a Name
3. Set the IP, it could be the same for TCP or UDP protocol.
4. In protocol select TCP.
5. Click Finished
Khaled_HAAltocumulus
AltocumulusThanks but that was not my question.
My question is that "If I did not configure TCP lister, will the BigIP DNS refuse client connection ? and why?
Isn't UDP enough?