Bind: Standard Ports And Non Standard Ports

Ondřej Surý ondrej at isc.org
Fri Feb 11 16:37:15 UTC 2022 

Yes, look for “port” configuration in the documentation: https://bind9.readthedocs.io/en/v9_16_25/

You can configure the upstream to listen on non-standard port and the downstream to use it. We use this internally in the system tests.

As a side note please separate the technical questions and rants. The experience shows that sticking to the technical questions leads to more pleasant experience on the mailing list. Thanks.

Ondrej
--
Ondřej Surý — ISC (He/Him)

My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.

> On 11. 2. 2022, at 16:21, Tim Daneliuk via bind-users <bind-users at lists.isc.org> wrote:
> 
> 
> After some months of poking around, we are now certain that our so-called "Business"
> service from Comcast is compromising our DNS servers because of their
> execrable "Security Edge" garbage.  (They are willing to remove this 'service'
> only if we are willing to incur a higher monthly recurring fee.)
> 
> Our master is in the wild and works fine, but the slave is behind the compromised
> Comcast pipe.  The effect of having Security Edge in place is that the
> slave cannot get updates from the master and is also unable to resolve
> anything outside our own zone.   Comcast is apparently hijacking all port
> 53 requests and doing unspeakable things with them.
> 
> Is there a way to have these servers work as usual, listening to resolution
> request on port 53, but have the slave update AND forward requests to the
> master over a non-standard port, so as to work around the Comcast madness?
> 
> TIA,
> Tim
> 
> P.S. My guess is that this so-call "security" service is no such thing, or at
>     least its not the only thing.  They are probably harvesting DNS lookups
>     to sell as marketing data, or at least that would be my first guess.
> -- 
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20220211/fee3365f/attachment-0001.htm>

More information about the bind-users mailing list