A network administrator is troubleshooting zone transfers between two internal name servers. Standard name resolution requests from client PCs work, but every time a secondary server tries to pull a full zone from the primary, the transfer fails. Which port-and-protocol combination is MOST likely being blocked by the firewall between the servers?
Normal, small DNS lookups (A, AAAA, MX, etc.) use UDP on port 53 because the messages are short and connectionless delivery is faster. However, operations that require reliable, larger data exchanges, such as zone transfers (AXFR/IXFR) and DNSSEC key exchanges, switch to TCP on port 53. If UDP 53 is open but TCP 53 is filtered, client queries will still succeed while zone transfers consistently fail. SMTP uses TCP 25, and NTP uses UDP 123; neither is relevant to DNS transfers. UDP 67 is for DHCP discovery/offer traffic, not DNS.