Hello,
I have lauched BIND server on my computre to see how it works.
Then I scanned my host to see which ports were open and I saw that the 53 was open as TCP port.
I always read that DNS is working on UDP, so how can it handle UDP requests if it is accpeting only TCP packets?
bash-3.1# nmap localhost
Starting Nmap 4.60 ( http://nmap.org ) at 2009-04-26 16:02 GMT
Interesting ports on localhost (127.0.0.1):
Not shown: 1712 closed ports
PORT STATE SERVICE
53/tcp open domain
631/tcp open ipp
953/tcp open rndc
Then I scanned with netstat and it shows that the port 53 is open as an UDP port.
bash-3.1# netstat -anu
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 0.0.0.0:55829 0.0.0.0:*
udp 0 0 192.168.0.3:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
udp 0 0 192.168.0.3:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp 0 0 0.0.0.0:50122 0.0.0.0:*
udp 0 0 0.0.0.0:631 0.0.0.0:*
So I am confused, how can it be TCP and UDP at the same time?
Which tool is wrong? Or it's me?
If I send an UDP packet does it will accept while running in TCP mode?
Thank's in advance
P.S:
I know that theorically UDP packets are for short requests and TCP packets are for zone tranfer.
