Solved: How to change the remote port of DNS queries to something other than 53?

Hello everyone,

If the specified Unbound listening port is 65535, how should the DNS clients be set up to send queries to it? The DNS clients seem to use 53 as the default remote port.

Thanks.
 
In general you can't do that; almost all clients are hardwired to query UDP/TCP port 53. In some cases you can change the port to something else. For example, if the client is running a local resolver like Unbound, the port change is just a matter of changing the configuration. On clients that use only the stub resolver(3) this is not possible because the port number is hard-coded in the C code.

Overall it's not worth it to use a custom listening port for DNS, what is the problem you're trying to solve here?
 
I am just wondering. Both Unbound and NSD can modify the port that answers queries, but Unbound does not seem to provide the option to modify the remote port of DNS query.
 
Unbound can do that when forwarding. This is my configuration that uses forward over TLS to Quad9 servers.

Code:
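    server:
        # tls-cert-bundle is an option of the server: clause
        tls-cert-bundle: "/usr/local/etc/ssl/cert.pem"

    forward-zone:
        name: "."
        forward-ssl-upstream: yes
        # <ipaddr>@<port>: send forwarded queries to port 853 instead of 53
        forward-addr: 9.9.9.9@853
        forward-addr: 149.112.112.112@853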

The same syntax <ipaddr>@<port> works without TLS/SSL as well.
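Added example, not code from any poster in this thread: a Python sketch showing that the destination port is chosen by the client socket and is not part of the DNS message, so a client that lets you set it can query a resolver on any port. It parses Unbound's `<ipaddr>[@port][#name]` forward-addr form and sends one UDP query there. The function names and the loopback stub responder are constructed for illustration, and it handles IPv4 over UDP only.

```python
import socket
import struct
import threading

def parse_forward_addr(value, default_port=53):
    """Split Unbound's <ipaddr>[@port][#tls-auth-name] into (ip, port, auth_name)."""
    addr, _, auth_name = value.partition("#")
    ip, _, port = addr.partition("@")
    return ip, int(port) if port else default_port, auth_name or None

def build_query(name, qid=0x1234, qtype=1):
    """Encode one question (type A by default, class IN, recursion desired)."""
    labels = [l for l in name.split(".") if l]
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    return header + qname + struct.pack("!HH", qtype, 1)

def query_rcode(name, server, timeout=2.0):
    """Query the ip@port given in `server` over UDP; return (rcode, answer_count)."""
    ip, port, _ = parse_forward_addr(server)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (ip, port))  # the port lives here, not in the message
        reply, _ = s.recvfrom(4096)
    qid, flags, _, ancount = struct.unpack("!HHHH", reply[:8])
    if qid != 0x1234 or not flags & 0x8000:
        raise ValueError("not a response to our query")
    return flags & 0x000F, ancount

def start_stub_responder():
    """Constructed stand-in for a resolver listening on a non-standard port."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("127.0.0.1", 0))  # the OS picks a free port
    port = sock.getsockname()[1]
    def serve():
        data, peer = sock.recvfrom(4096)
        # Reply with the same question: QR=1, RD=1, RA=1, RCODE=0, no answers.
        sock.sendto(data[:2] + struct.pack("!H", 0x8180) + data[4:], peer)
        sock.close()
    threading.Thread(target=serve, daemon=True).start()
    return port

if __name__ == "__main__":
    port = start_stub_responder()
    print(query_rcode("example.com", f"127.0.0.1@{port}"))
```

Pointing `query_rcode` at a real resolver, for example `"127.0.0.1@65535"` for the Unbound instance in the question, checks that it answers on the custom port.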
 