DNS Ports
Joseph S D Yao
jsdy at center.osis.gov
Mon Jul 21 23:05:32 UTC 2003
On Fri, Jul 18, 2003 at 05:56:15PM -0700, Dave Harman wrote:
> Hi, NG
>
> I am using BIND 9.2.1-16, the one that comes with RedHat 9
> I am setting up Iptables and I am having difficulty in finding out
> exactly what ports Bind uses to send and receive queries and data.
>
> I know DNS uses UDP to send and get data.
Did you know that it also uses TCP? For more than just zone transfers.
> Does DNS always use the unprivileged ports to send queries ?
Unless you define the port used.
> Does DNS always receive answers and queries on port 53 ?
Yes, both TCP and UDP.
> Does the resolver use different ports than the DNS server ?
The server contains a resolver, since it has to query other servers.
The above referred to the built-in resolver. The resolver that
programs use is called a "stub" resolver. All it does is send queries
and return answers. And the port on which it sends queries is system
dependent, but I believe that BIND's stub resolver also uses
unprivileged ports to send queries, and this cannot be re-defined.
OBTW, some programs cache their own responses, which should not be
confused with the stub resolver doing it.
--
Joe Yao jsdy at center.osis.gov - Joseph S. D. Yao
OSIS Center Systems Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of OSIS Center policies.
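
The port behaviour described in the reply above, written out as iptables rules. This is an added example, not part of the original message or of BIND; the function name `dns_rules`, the use of the `state` match on the INPUT and OUTPUT chains, and the sample port 10053 are assumptions made for illustration. The script only prints the commands, so it can be reviewed before anything is applied.

```shell
#!/bin/sh
# Added example: prints iptables commands for a name server that both
# answers queries and sends its own. Nothing is applied; pipe the output
# to "sh" as root to install the rules.

# dns_rules [UDP_QUERY_SPORT]
#   UDP_QUERY_SPORT: source port (or range) the server's built-in resolver
#   uses for outgoing UDP queries. Defaults to the unprivileged range; pass
#   a single port if one has been defined in the server configuration.
#   Assumption: a defined query port affects UDP only, so outgoing TCP
#   queries are still matched on the unprivileged range.
dns_rules() {
    udp_sport="${1:-1024:65535}"
    unpriv="1024:65535"

    for proto in udp tcp; do
        # Queries arriving at this server: destination port 53, UDP and TCP.
        echo "iptables -A INPUT -p $proto --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT"
        # Answers to those queries leave from port 53.
        echo "iptables -A OUTPUT -p $proto --sport 53 -m state --state ESTABLISHED -j ACCEPT"
    done

    # Queries the built-in resolver sends to other servers on port 53.
    echo "iptables -A OUTPUT -p udp --sport $udp_sport --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT"
    echo "iptables -A OUTPUT -p tcp --sport $unpriv --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT"

    for proto in udp tcp; do
        # Answers coming back from port 53 on the remote server.
        echo "iptables -A INPUT -p $proto --sport 53 -m state --state ESTABLISHED -j ACCEPT"
    done
}

dns_rules "$@"
```

Running it with no argument covers the default case; `dns_rules 10053` (a constructed value) shows the rules when a fixed UDP query port has been defined.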