DNS or other Services works on both TCP and UDP

SUMMARY


This knowledge base article explains why some services use both protocols, TCP and UDP.

MORE INFORMATION


DNS and some other services work over both protocols. We will take the DNS service as an example. The two protocols are somewhat different from each other. TCP is a connection-oriented protocol and requires data to be consistent at the destination, whereas UDP is a connectionless protocol that does not require data to be consistent and does not need a connection to be established with the host for consistency of data.
 
UDP packets are smaller in size. UDP packets cannot be greater than 512 bytes, so any application that needs to transfer more than 512 bytes requires TCP. For example, DNS uses both TCP and UDP for the valid reasons described below. Note that UDP messages are not larger than 512 bytes and are truncated when greater than this size. DNS uses TCP for zone transfers and UDP for name queries, either regular (primary) or reverse. UDP can be used to exchange small amounts of information, whereas TCP must be used to exchange information larger than 512 bytes. If a client doesn't get a response from DNS, it must retransmit the data using TCP after an interval of 3-5 seconds.
 
There should be consistency in the DNS zone database. To achieve this, DNS always transfers zone data using TCP, because TCP is reliable and makes sure zone data is consistent by transferring the full zone to the other DNS servers that have requested the data.
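An added example (not code from the original article) of the transport decision described above: it checks the TC (truncated) bit in a DNS reply header, treats zone transfers (AXFR, query type 252) as TCP-only, and applies the 2-byte length prefix that DNS uses on TCP. The function names and the sample header bytes are constructed for this illustration.

```python
import struct

MAX_UDP_DNS = 512   # classic DNS-over-UDP message limit the article refers to
TC_FLAG = 0x0200    # "truncated" bit in the 16-bit DNS header flags field
QTYPE_AXFR = 252    # zone transfer query type

def build_query(name, qtype=1, txid=0x1234):
    """Encode a standard recursive query (qtype 1 = A, 252 = AXFR)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def is_truncated(response):
    """True if the server set TC: the full answer did not fit in the UDP message."""
    if len(response) < 12:
        raise ValueError("shorter than a DNS header")
    flags = struct.unpack("!H", response[2:4])[0]
    return bool(flags & TC_FLAG)

def frame_for_tcp(message):
    """DNS over TCP prefixes each message with its length (2 bytes, big-endian)."""
    return struct.pack("!H", len(message)) + message

def choose_transport(query, udp_response=None):
    """Pick the transport for the next attempt.

    Zone transfers always use TCP; other queries start on UDP and move to
    TCP when the UDP reply comes back truncated.
    """
    qtype = struct.unpack("!H", query[-4:-2])[0]
    if qtype == QTYPE_AXFR:
        return "tcp"
    if udp_response is not None and is_truncated(udp_response):
        return "tcp"
    return "udp"

# Constructed sample headers (12 bytes each), not captured traffic:
# QR=1, RD=1, RA=1 with TC set, then the same header with TC cleared.
SAMPLE_TRUNCATED = struct.pack("!HHHHHH", 0x1234, 0x8380, 1, 0, 0, 0)
SAMPLE_COMPLETE = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 0, 0, 0)

if __name__ == "__main__":
    q = build_query("example.com")
    print(choose_transport(q, SAMPLE_TRUNCATED), choose_transport(q, SAMPLE_COMPLETE))
```

A firewall rule set that permits only UDP port 53 leaves a client with no way to complete the "tcp" case, so truncated answers and zone transfers fail.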
 
The problem occurs when Windows 2000 Server and Advanced Server products use dynamic ports for all ports above 1023. In this case your DNS server should not be Internet-facing, i.e. doing all standard queries for client machines on the network. The router (ACL) must permit all inbound UDP traffic to access any high UDP port for it to work.
 
LDAP always uses TCP. The reason it does not use UDP is that a secure connection is established between client and server to send the data, and this can be done only using TCP, not UDP. UDP is only used when finding a domain controller (Kerberos) for authentication, for example when a domain client finds a domain controller using DNS.


Reposted from blog.csdn.net/allway2/article/details/106519530