[dns-operations] AWS footnote: DNS firewall rules are UDP only
jared at puck.nether.net
Wed Jan 28 21:14:33 UTC 2015
Sadly, there are devices such as the most recent Netgear routers and firmware that block TCP queries as well in the most horrific way, e.g.:
> On Jan 28, 2015, at 3:45 PM, Warren Kumari <warren at kumari.net> wrote:
> On Wed, Jan 28, 2015 at 2:28 PM, Fred Morris <m3047 at m3047.net> wrote:
>> I just noticed that when configuring firewall rules for an AWS instance,
>> if "DNS" is chosen then the (only) protocol automagically filled in is
>> To get TCP, you have to create a custom TCP rule.
>> When you save, the UDP one gets saved as "DNS", the TCP one stays "custom
>> TCP rule".
> Well, of course. What did you expect? DNS only uses UDP...
> <Warren runs away, giggling manically....>
>> Fred Morris
> I don't think the execution is relevant when it was obviously a bad
> idea in the first place.
> This is like putting rabid weasels in your pants, and later expressing
> regret at having chosen those particular rabid weasels and that pair
> of pants.
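An added example, not part of the thread or any poster's code: one way to audit for the gap Fred Morris describes, where a group admits DNS over UDP but has no matching TCP/53 rule. It assumes rules in the `IpPermissions` shape returned by `aws ec2 describe-security-groups`; the sample group and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in the IpPermissions shape (not real data from the thread).
SAMPLE_GROUP = {
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        {"IpProtocol": "udp", "FromPort": 53, "ToPort": 53,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}, {"CidrIp": "10.1.0.0/16"}]},
        {"IpProtocol": "tcp", "FromPort": 53, "ToPort": 53,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ],
}

def sources_allowing(group, proto, port=53):
    """Networks this group lets reach `port` over `proto` ("tcp" or "udp").

    Simplification: rules that reference other security groups
    (UserIdGroupPairs) are not examined, only CIDR sources.
    """
    nets = []
    for perm in group.get("IpPermissions", []):
        ip_proto = perm.get("IpProtocol")
        if ip_proto == "-1":
            pass  # "-1" means every protocol and port, so it covers 53
        elif ip_proto != proto or not perm["FromPort"] <= port <= perm["ToPort"]:
            continue
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        nets += [ipaddress.ip_network(c) for c in cidrs]
    return nets

def dns_tcp_gaps(group):
    """Sources allowed DNS over UDP that no single TCP/53 rule covers."""
    tcp = sources_allowing(group, "tcp")
    gaps = set()
    for udp_net in sources_allowing(group, "udp"):
        covered = any(udp_net.version == t.version and udp_net.subnet_of(t)
                      for t in tcp)
        if not covered:
            gaps.add(str(udp_net))
    return sorted(gaps)

if __name__ == "__main__":
    print(SAMPLE_GROUP["GroupId"], "UDP-only DNS sources:",
          dns_tcp_gaps(SAMPLE_GROUP))
```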