Both | Well-Known Port | Firewall: Usually Open
53

DNS

What is Port 53?

Port 53 is the default port for the Domain Name System (DNS), one of the most critical services on the internet. DNS translates human-readable domain names like example.com into IP addresses that computers use to communicate. Defined across multiple RFCs starting with RFC 1035, DNS uses UDP port 53 for standard queries (which are typically small) and TCP port 53 for zone transfers and responses that exceed 512 bytes. DNS operates as a hierarchical, distributed database with root servers, TLD servers, and authoritative name servers. Every web browsing session, email delivery, API call, and virtually every internet communication begins with a DNS query. DNS is maintained by organizations like ICANN, and public resolvers from Google (8.8.8.8), Cloudflare (1.1.1.1), and others handle billions of queries daily.

Common Uses

  • Resolving domain names to IP addresses
  • Reverse DNS lookups for IP-to-domain mapping
  • DNS zone transfers between primary and secondary servers
  • Service discovery via SRV and TXT records
  • Email authentication via SPF, DKIM, and DMARC DNS records

Technical Details

Port Number: 53
Protocol: TCP + UDP
Category: Well-Known
Service Name: DNS
Default Firewall: Usually Open

Port Test Commands

Copy-paste commands to check port 53 (DNS) from your terminal

Test connectivity

Netcat (nc): Check if TCP port is reachable
nc -zv example.com 53
curl (HTTP): Test for an HTTP response on this port (DNS does not speak HTTP, so at most this confirms that the TCP connection opens)
curl -v --max-time 5 http://example.com:53/
Telnet: Basic TCP port connectivity check
telnet example.com 53
nmap: Scan UDP port 53 with service detection (UDP scans need root)
sudo nmap -p 53 -sU -sV example.com
Bash /dev/tcp: Pure bash TCP check (no extra tools needed)
(echo > /dev/tcp/example.com/53) 2>/dev/null && echo "open" || echo "closed"
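
Most of the commands above only open a TCP connection, while standard DNS queries travel over UDP port 53 and move to TCP when the response is too large. The Python below is an added example, not part of the original page: it sends a real DNS query over UDP and repeats it over TCP when the reply carries the truncation (TC) bit. The function names, the IPv4-only socket and the default query name are assumptions made for illustration.

```python
import os
import socket
import struct

def build_query(name, txid, qtype=1):
    """Encode a minimal RFC 1035 query: 12-byte header plus one question."""
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)  # flags: RD=1; QDCOUNT=1
    labels = name.rstrip(".").encode("ascii").split(b".")
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return header + qname + struct.pack("!2H", qtype, 1)   # QTYPE (1 = A), QCLASS IN

def parse_header(msg):
    """Decode the fixed 12-byte header of a DNS message."""
    if len(msg) < 12:
        raise ValueError("shorter than a DNS header")
    txid, flags, _qd, answers, _ns, _ar = struct.unpack("!6H", msg[:12])
    return {"id": txid, "qr": bool(flags & 0x8000), "tc": bool(flags & 0x0200),
            "rcode": flags & 0x000F, "answers": answers}

def needs_tcp_retry(query, reply):
    """True when a matching UDP reply has the TC (truncated) bit set."""
    hdr = parse_header(reply)
    if not hdr["qr"] or hdr["id"] != parse_header(query)["id"]:
        raise ValueError("reply does not match the query")
    return hdr["tc"]

def _recv_exact(sock, n):
    """Read exactly n bytes from a TCP socket."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("TCP connection closed early")
        buf += chunk
    return buf

def probe(server, name="example.com", port=53, timeout=3.0):
    """Ask `server` (IPv4, assumed) over UDP; repeat over TCP if truncated."""
    query = build_query(name, int.from_bytes(os.urandom(2), "big"))
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as udp:
        udp.settimeout(timeout)
        udp.connect((server, port))   # kernel drops datagrams from other sources
        udp.send(query)
        reply = udp.recv(4096)
    if not needs_tcp_retry(query, reply):
        return "udp", parse_header(reply)
    with socket.create_connection((server, port), timeout=timeout) as tcp:
        tcp.sendall(struct.pack("!H", len(query)) + query)  # TCP adds a 2-byte length prefix
        size = struct.unpack("!H", _recv_exact(tcp, 2))[0]
        return "tcp", parse_header(_recv_exact(tcp, size))
```

Calling probe("1.1.1.1") returns the transport that produced the final answer together with the decoded header; a socket timeout on the UDP step means UDP port 53 is filtered or the server did not answer, even if the TCP checks above succeed.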

Open port in firewall

UFW (Ubuntu / Debian)
sudo ufw allow 53/tcp
sudo ufw allow 53/udp
iptables
sudo iptables -A INPUT -p tcp --dport 53 -j ACCEPT
sudo iptables -A INPUT -p udp --dport 53 -j ACCEPT
firewalld (RHEL / CentOS)
sudo firewall-cmd --permanent --add-port=53/tcp --add-port=53/udp && sudo firewall-cmd --reload

Security Considerations

DNS is a frequent target for attacks including DNS spoofing, cache poisoning, DNS amplification DDoS attacks, and DNS tunneling for data exfiltration. DNSSEC adds authentication to prevent spoofing. DNS over HTTPS (DoH, port 443) and DNS over TLS (DoT, port 853) encrypt queries to prevent eavesdropping. Restrict zone transfers to authorized secondary servers. Monitor for unusual DNS query patterns.
