port fowarding for DNS

I am running BIND on a Linux box on my home LAN. To make it
accessible from the Internet, I need to use port forwarding at the
Dell Truemobiled 2300 router.

I can't tell from http://www.iana.org/assignments/port-numbers what
port(s) DNS uses.

Can anyone tell me?

Thanks.

Vwaju
New York City

Am Tue, 14 Oct 2008 11:04:34 -0700 schrieb Vwaju:

> I am running BIND on a Linux box on my home LAN. To make it
> accessible from the Internet, I need to use port forwarding at the
> Dell Truemobiled 2300 router.
>
> I can't tell from http://www.iana.org/assignments/port-numbers what
> port(s) DNS uses.
>
> Can anyone tell me?

udp/53

On Oct 14, 2:16*pm, Burkhard Ott <n...@derith.de> wrote:
> Am Tue, 14 Oct 2008 11:04:34 -0700 schrieb Vwaju:
>
> > I am running BIND on a Linux box on my home LAN. *To make it
> > accessible from the Internet, I need to use port forwarding at the
> > Dell Truemobiled 2300 router.
>
> > I can't tell fromhttp://www.iana.org/assignments/port-numberswhat
> > port(s) DNS uses.
>
> > Can anyone tell me?
>
> udp/53

Thank you!

Is there a TCP port as well, or is DNS connectionless?

Best Regards,

Vwaju
New York City

In news:fd6aa18d-a957-4f5e-bb52-(E-Mail Removed),
Vwaju <(E-Mail Removed)> typed:

> I can't tell from http://www.iana.org/assignments/port-numbers what
> port(s) DNS uses.

Didn't spend any time looking, did you? It tells you the same as

grep domain /etc/services

tells you.

On October 14, 2008 14:57, in comp.os.linux.networking, Vwaju
((E-Mail Removed)) wrote:

> On Oct 14, 2:16Â*pm, Burkhard Ott <n...@derith.de> wrote:
>> Am Tue, 14 Oct 2008 11:04:34 -0700 schrieb Vwaju:
>>
>> > I am running BIND on a Linux box on my home LAN. Â*To make it
>> > accessible from the Internet, I need to use port forwarding at the
>> > Dell Truemobiled 2300 router.
>>
>> > I can't tell fromhttp://www.iana.org/assignments/port-numberswhat
>> > port(s) DNS uses.
>>
>> > Can anyone tell me?
>>
>> udp/53
>
> Thank you!
>
> Is there a TCP port as well, or is DNS connectionless?

DNS uses both UDP port 53 /and/ TCP port 53.

Primarily, DNS uses UDP, but if the query or the response is too big for a
single UDP datagram, DNS uses TCP to transfer the details.

--
Lew Pitcher

Master Codewright & JOAT-in-training | Registered Linux User #112576
http://pitcher.digitalfreehold.ca/ | GPG public key available by request
---------- Slackware - Because I know what I'm doing. ------

On Oct 14, 3:23*pm, "b.jeswine" <m...@privacy.net> wrote:
> Innews:fd6aa18d-a957-4f5e-bb52-(E-Mail Removed),
> Vwaju <l...@manhattanhandyman.com> typed:
>
> > I can't tell fromhttp://www.iana.org/assignments/port-numberswhat
> > port(s) DNS uses.
>
> Didn't spend any time looking, did you? It tells you the same as
>
> * * grep domain /etc/services
>
> tells you.

Actually, I searched http://www.iana.org/assignments/port-numbers for
"dns", but not for "Domain Name Server". Oops.

About /etc/services, I did not know.

Sorry for wasting your time.

On Tue, 14 Oct 2008 15:34:05 -0400, Lew Pitcher <(E-Mail Removed)> wrote:

>On October 14, 2008 14:57, in comp.os.linux.networking, Vwaju
>((E-Mail Removed)) wrote:
>
>> On Oct 14, 2:16Â*pm, Burkhard Ott <n...@derith.de> wrote:
>>> Am Tue, 14 Oct 2008 11:04:34 -0700 schrieb Vwaju:
>>>
>>> > I am running BIND on a Linux box on my home LAN. Â*To make it
>>> > accessible from the Internet, I need to use port forwarding at the
>>> > Dell Truemobiled 2300 router.
>>>
>>> > I can't tell fromhttp://www.iana.org/assignments/port-numberswhat
>>> > port(s) DNS uses.
>>>
>>> > Can anyone tell me?
>>>
>>> udp/53
>>
>> Thank you!
>>
>> Is there a TCP port as well, or is DNS connectionless?
>
>DNS uses both UDP port 53 /and/ TCP port 53.
>
>Primarily, DNS uses UDP, but if the query or the response is too big for a
>single UDP datagram, DNS uses TCP to transfer the details.

I thought 53/tcp was for zone transfers? (Yes, a large response).

Grant.

On October 14, 2008 16:28, in comp.os.linux.networking, Grant
(g_r_a_n_t_@bugsplatter.id.au) wrote:

> On Tue, 14 Oct 2008 15:34:05 -0400, Lew Pitcher <(E-Mail Removed)>
> wrote:
>
>>On October 14, 2008 14:57, in comp.os.linux.networking, Vwaju
>>((E-Mail Removed)) wrote:
>>
>>> On Oct 14, 2:16Â*pm, Burkhard Ott <n...@derith.de> wrote:
>>>> Am Tue, 14 Oct 2008 11:04:34 -0700 schrieb Vwaju:
>>>>
>>>> > I am running BIND on a Linux box on my home LAN. Â*To make it
>>>> > accessible from the Internet, I need to use port forwarding at the
>>>> > Dell Truemobiled 2300 router.
>>>>
>>>> > I can't tell fromhttp://www.iana.org/assignments/port-numberswhat
>>>> > port(s) DNS uses.
[snip]
>>DNS uses both UDP port 53 /and/ TCP port 53.
>>
>>Primarily, DNS uses UDP, but if the query or the response is too big for a
>>single UDP datagram, DNS uses TCP to transfer the details.
>
> I thought 53/tcp was for zone transfers? (Yes, a large response).

I'm no DNS expert, so I bow to various expert authors for answers like
these. In "TCP/IP Illustrated - Volume 1 - The Protocols" by the late W..
Richard Stevens, in chapter 14 ("DNS: The Domanin Name System"), section
14.8 ("UDP or TCP"), Richard Stevens says
"When the resolver issues a query and the response comes back with the TC
bit set ("truncated") it means the size of the response exceeded 512
bytes, so only the first 512 bytes were returned by the server. The
resolver normally issues the request again, using TCP. This allows more
than 512 bytes to be returned."

I notice that a DNS request can ask for all records associated with a domain
name. If the DNS server tries to return /all/ the records (A, multiple NS,
multiple CNAME, large HINFO, multiple MX, etc), then the response size can
easily exceed the 512 octet limit. This sort of request would be a legal
DNS query that is not a zone transfer.

--
Lew Pitcher

Master Codewright & JOAT-in-training | Registered Linux User #112576
http://pitcher.digitalfreehold.ca/ | GPG public key available by request
---------- Slackware - Because I know what I'm doing. ------

On Tue, 14 Oct 2008 17:34:46 -0400, Lew Pitcher <(E-Mail Removed)> wrote:

>On October 14, 2008 16:28, in comp.os.linux.networking, Grant
>(g_r_a_n_t_@bugsplatter.id.au) wrote:
....
>> I thought 53/tcp was for zone transfers? (Yes, a large response).
>
>I'm no DNS expert, so I bow to various expert authors for answers like
>these. In "TCP/IP Illustrated - Volume 1 - The Protocols" by the late W.
>Richard Stevens, in chapter 14 ("DNS: The Domanin Name System"), section
>14.8 ("UDP or TCP"), Richard Stevens says
> "When the resolver issues a query and the response comes back with the TC
> bit set ("truncated") it means the size of the response exceeded 512
> bytes, so only the first 512 bytes were returned by the server. The
> resolver normally issues the request again, using TCP. This allows more
> than 512 bytes to be returned."
>
>I notice that a DNS request can ask for all records associated with a domain
>name. If the DNS server tries to return /all/ the records (A, multiple NS,
>multiple CNAME, large HINFO, multiple MX, etc), then the response size can
>easily exceed the 512 octet limit. This sort of request would be a legal
>DNS query that is not a zone transfer.

Okay, checks firewall log...

root@deltree:~# zgrep JLEutkay /var/log/messages.1.gz| grep PROTO=TCP| \
grep "DPT=53 "| wc -l
52

That's per week from here, I don't log the outgoing 53/udp.

Never noticed it before

Grant.
--
http://bugsplatter.id.au