The older cache DNS server in my team is configured with BIND 9.11.4; it uses 53 as the source port number.
options {
...
query-source port 53;
...
}
Meanwhile, the new one has BIND 9.16.23 installed; for designating the port number in query-source
is deprecated, I just set this option as below.
query-source address *;
The rest of the /etc/named.conf
file is good to go. When I called nslookup {a domain which is not defined in /etc/named.conf} {the private ip of the cache dns server}
, The new one shows the below in TCPDUMP:
18:33:50.968991 IP {the public ip}.50181 > 192.5.5.241.53: 29151% [1au] A? _.com. (46)
18:33:50.969044 IP {the public ip}.14081 > 192.5.5.241.53: 31087 [1au] NS? . (40)
18:33:51.768842 IP {the public ip}.32109 > 192.33.4.12.53: 4413% [1au] A? _.com. (46)
18:33:51.768918 IP {the public ip}.21620 > 192.33.4.12.53: 2272 [1au] NS? . (40)
18:33:52.568677 IP {the public ip}.59713 > 199.7.83.42.53: 29280% [1au] A? _.com. (46)
18:33:52.568677 IP {the public ip}.49493 > 199.7.83.42.53: 14473 [1au] NS? . (40)
Is there any method to fix the outgoing source port number? Or do I just have to find any other way?