Firewall Ports to Open Up For DNS Servers



Everyone knows that DNS servers use UDP port 53 for queries, right? Well something that I recently learned was that DNS servers also use TCP port 53 to do zone transfers (axfrs). Make sure to open that port up in your firewall if you are allowing zone transfers from your DNS server. Knowing that sooner could have saved me a lot of time!

So for future reference:
Incoming open ports:

1
2
TCP/53
UDP/53

Outgoing open ports:

1
2
3
4
TCP/53
UDP/53
TCP/1024-65535
UDP/1024-65535