Port udp/1094 with BIND 9.2.1

[Jim Reid]

>>>>> "Bernhard" == Bernhard Schmidt <bschmidt at cybernet-ag.net> writes:

    Bernhard> Hi everyone, my freshly installed bind also listens on
    Bernhard> port udp/1094.

No it doesn't. There's no such concept at "listening" on a UDP
socket. Your name server is using udp/1094. It is using a random,
unprivileged port to make queries to other name servers. By default
the port number is chosen (at random) by the OS. The query-source
clause can be used to set the source address and port number for those
queries.

    Bernhard> I can't find any comments neither in the
    Bernhard> documentation nor in google-groups what this port is
    Bernhard> used for and how to disable it.

You couldn't have looked very hard. Your question is typically asked
and answered every week in this mailing list/newsgroup. If you'd
checked the archives, you would have found the answer. Your
observation is also explained in the documentation shipped with
BIND9. Here's an excerpt from the BIND9 Administrator's Reference
Manual (in doc/arm of the distribution):

    If the server doesn't know the answer to a question, it will query
    other nameservers. query-source specifies the address and port used
    for such queries. For queries sent over IPv6, there is a separate
    query-source-v6 option. If address is * or is omitted, a wildcard IP
    address (INADDR_ANY) will be used. If port is * or is omitted, a
    random unprivileged port will be used. 

    Bernhard> How can I disable this?

Well I suppose you could configure your name server to never make any
queries to other name servers though you probably don't want to do that.