I am reviewing listening ports on my W2K3 SP2 servers. When I run "netstat
-noab", I see that dns.exe is listening on TCP 53 as I expect. I also see
dns.exe (same process ID) listening on a random TCP port between 1000 and
1300. I see this on four of my dns server with ports like 1118, 1232, etc.
Can anyone tell me what this "other" TCP listening port is?
Thanks for the help.
McR
Hi Ron,
DNS Service uses dynamic UDP ports (above 1023) for all client standard
query messages.
The client requests from a random port above 1023 to server port 53. The
servers response from port 53 to the originating port the client was
questioning on.
Only the server-to-server communication goes from port 53 to port 53. The
requests as well as the responses.
Hope that helps.
Cheers!
Jens
> I am reviewing listening ports on my W2K3 SP2 servers. When I run "netstat
> -noab", I see that dns.exe is listening on TCP 53 as I expect. I also see
> dns.exe (same process ID) listening on a random TCP port between 1000 and
> 1300. I see this on four of my dns server with ports like 1118, 1232, etc.
>
> Can anyone tell me what this "other" TCP listening port is?
>
> Thanks for the help.
>
> McR
Hello customer,
I agree with Jens. By default, the DNS server sends recursive UDP queries
to other DNS servers through a randomly selected port, called the DNS port.
However, this behavior may be modified with a specific registry setting
that is described in the following link:
SendPort
http://www.microsoft.com/technet/pro...eskit/regentry
/95408.mspx?mfr=true
Hope it helps.
David Shen
Microsoft Online Partner Support
Thanks for your reply. I'm not sure I understand your response. If I
understand the output from nbtstat -noab correctly, the server is LISTENING
on TCP ports above 1024. The entry I am seeing looks like this:
TCP 0.0.0.0:1142 0.0.0.0:0 LISTENING 1952
[dns.exe]
I understand that the client uses a random source port to query but that
doesn't explain why the server would be listening on this port.
Thanks again for helping me try to figure this out.
McR
"Jens Imsan" wrote:
> Hi Ron,
>
> DNS Service uses dynamic UDP ports (above 1023) for all client standard
> query messages.
>
> The client requests from a random port above 1023 to server port 53. The
> servers response from port 53 to the originating port the client was
> questioning on.
>
> Only the server-to-server communication goes from port 53 to port 53. The
> requests as well as the responses.
>
> Hope that helps.
>
> Cheers!
> Jens
>
>
> > I am reviewing listening ports on my W2K3 SP2 servers. When I run "netstat
> > -noab", I see that dns.exe is listening on TCP 53 as I expect. I also see
> > dns.exe (same process ID) listening on a random TCP port between 1000 and
> > 1300. I see this on four of my dns server with ports like 1118, 1232, etc.
> >
> > Can anyone tell me what this "other" TCP listening port is?
> >
> > Thanks for the help.
> >
> > McR
Hi McR,
By default, the DNS server sends recursive UDP queries to other DNS servers
through a randomly selected port that is above port 1024. When the DNS
server try to resolve the name via recursive query to other DNS server, it
will use the Listening port in this case.
Hope it helps.
David Shen
Microsoft Online Partner Support
Hi,
I am just writing to see how everything is going. If you have any updates
or need any further assistance on this issue, please feel free to let me
know.
David Shen
Microsoft Online Partner Support
Posting Permissions
Reply With Quote
Bookmarks