How to use DNS server behind NAT router

1

I have a local DNS server that I want to use, but it's behind a NAT router. For all other servers that are behind that router, I simply have an appropriate forwarding rule enabled in the router. From what I've read regarding DNS, however, it seems that there is no particular port that I can forward to make this work (and I'd rather not just forward all ports >49152). Is it possible to use a DNS server from behind a NAT router?

If it matters, I'm running the bundled DNS role in Windows Server 2008 Standard.

Allen

Posted 2013-08-04T00:06:54.433

Reputation: 297

1

DNS operates on port 53. – Darth Android – 2013-08-04T00:21:36.173

Answers

6

In general, DNS queries are sent from a high-numbered source port (above 1023) to destination port 53, and responses are sent from source port 53 to a high-numbered destination port.

Open UDP port 53 to and from the server in your NAT configuration.

micke

Posted 2013-08-04T00:06:54.433

Reputation: 3 001

1

So, I asked this question years ago, and I know a little bit more about networking now. The thing that was tripping me up way back then (IIRC) was the idea of ephemeral ports. These, I know now, are on the src side of the connection and not relevant to port forwarding. UDP 53 is correct.

– Allen – 2018-04-09T05:13:32.943

1

You may also have to allow 53/udp in both directions in your firewall. Note that DNS forwarding uses 53/UDP -> 53/UDP, so if you are forwarding, or using an old DNS server, don't specify a source/dest port > 1023 in your firewall. – Frank Thomas – 2013-08-04T02:38:36.163

1

You will also need to forward TCP port 53 for some functions of DNS to work properly, including using sub-domain zone files delegated from a main domain and for using master/slave configurations. The zone file changes are transferred via TCP port 53.

user184478

Posted 2013-08-04T00:06:54.433

Reputation: 11
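A practical way to confirm the forwarding rules the answers describe is to send the same query to the public address once over UDP/53 and once over TCP/53. The script below is an added example, not code from the question or any answer; it builds a raw DNS query with the standard library, and the server address `192.0.2.53` is a placeholder for the router's public IP.

```python
"""Added check: does a DNS server behind NAT answer on both UDP/53 and TCP/53?"""
import socket
import struct

QUERY_ID = 0x1234  # fixed transaction ID so the reply can be matched


def build_query(name, qtype=1, txid=QUERY_ID):
    """Minimal DNS query: header (RD=1, one question) + QNAME + QTYPE/QCLASS IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)


def tcp_frame(msg):
    """DNS over TCP prefixes every message with a 2-byte big-endian length."""
    return struct.pack("!H", len(msg)) + msg


def parse_header(msg):
    """Decode the 12-byte header: QR, TC and RCODE bits plus the answer count."""
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "is_response": bool(flags & 0x8000),
            "truncated": bool(flags & 0x0200), "rcode": flags & 0x000F, "answers": an}


def check_udp(server, name, timeout=3.0):
    """Query over UDP/53; the source port is ephemeral, so the NAT rule only needs dst 53."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        try:
            data, _ = s.recvfrom(4096)
        except socket.timeout:
            return None
    hdr = parse_header(data)
    return hdr if hdr["id"] == QUERY_ID else None  # drop replies that do not match our ID


def check_tcp(server, name, timeout=3.0):
    """Same query over TCP/53 (zone transfers and retries of truncated UDP answers need it)."""
    with socket.create_connection((server, 53), timeout=timeout) as s:
        s.sendall(tcp_frame(build_query(name)))
        (length,) = struct.unpack("!H", s.recv(2))
        data = b""
        while len(data) < length:
            chunk = s.recv(length - len(data))
            if not chunk:
                return None
            data += chunk
    return parse_header(data)


if __name__ == "__main__":
    server = "192.0.2.53"  # placeholder: the router's public address (assumption)
    for proto, fn in (("UDP", check_udp), ("TCP", check_tcp)):
        try:
            print(proto, fn(server, "example.com"))
        except OSError as exc:  # connection refused / unreachable: rule for that protocol is missing
            print(proto, "failed:", exc)
```

A reply on UDP with `truncated` set while TCP fails is the symptom of forwarding only UDP/53.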