Hi,
Can anyone help me configure an Unbound server to respond to queries on a port other than 53, i.e. ports from 1024-65535?
Thanks in advance.
https://nlnetlabs.nl/documentation/unbound/unbound.conf/
search for 'ip-address'
in general: read the documentation
Andreas
keep discussion on list, please
I have set ip-address as:
ip-address: 192.168.64.131@55
first, check that unbound is running and does listen for queries:
# id -u -n
root
# netstat -lnpt | grep 55
tcp 0 0 192.168.64.131:55 0.0.0.0:* LISTEN 4711/unbound
next: you need to adjust access-control, add "access-control: 192.168.64.131/32 allow" to your unbound.conf
and restart unbound.
That should at least allow the query above from the host itself.
man unbound.conf says: By default only localhost is allowed, the rest is refused.
... And 192.168.64.131 is not localhost ...
root@ubuntu:/etc/unbound/unbound.conf.d# nslookup -port=55
last: please favor dig over nslookup
# dig -p 55 unbound.net. A @192.168.64.131
otherwise post unbound logs, the output of the command and your unbound.conf.
Andreas
Hello!
server:
port: 53
-> default, delete the line
#outgoing-port-permit: 1025
verbosity: 3
-> replace with "log-queries: yes" or even "log-replies: yes" if your unbound version is new enough.
num-threads: 2
outgoing-range: 512
num-queries-per-thread: 1024
msg-cache-size: 16m
rrset-cache-size: 32m
cache-max-ttl: 86400
infra-host-ttl: 60
infra-lame-ttl: 120
-> delete, use defaults while testing
interface: 127.0.0.1
#outgoing-interface: 192.168.64.129
outgoing-interface: 192.168.64.131
-> if you have only one non loopback address, you don't need this
access-control: 127.0.0.0/8 allow
access-control: 192.168.8.120/8 allow
access-control: 192.168.10.17/8 allow
access-control: 192.168.43.103/8 allow
-> looks wrong. I suspect you'd like to allow smaller networks than 192.0.0.0/8
do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
username: unbound
directory: "/etc/unbound"
-> delete, use defaults while testing
logfile: "/var/log/unbound.log"
use-syslog: no
-> as chroot is not listed, chroot defaults to /etc/unbound. This means your unbound writes to /etc/unbound/var/log/unbound.log
Does the directory exist and is it writable by the unbound user?
hide-version: yes
so-rcvbuf: 4m
-> delete, use defaults while testing
ip-address: 192.168.64.131@55
interface: 192.168.64.131
-> probably the error: the second line overrides the first one.
access-control: 192.168.64.131/32 allow
my resulting config looks like this:
/tmp/ub.conf
server:
log-replies: yes
interface: 127.0.0.1
access-control: 127.0.0.0/8 allow
logfile: "/var/log/unbound.log"
use-syslog: no
ip-address: 192.168.64.131@55
access-control: 192.168.64.131/32 allow
# unbound-checkconf /tmp/ub.conf
/etc/unbound/var/log: No such file or directory
[1581854171] unbound-checkconf[91:0] fatal error: logfile directory does not exist
# unbound -c /tmp/ub.conf -d
[1581855345] unbound[172:0] error: Could not open logfile /var/log/unbound.log: No such file or directory
[1581855345] unbound[172:0] notice: init module 0: subnet
[1581855345] unbound[172:0] notice: init module 1: validator
[1581855345] unbound[172:0] notice: init module 2: iterator
[1581855345] unbound[172:0] info: start of service (unbound 1.9.6).
<in another terminal>
# netstat -lnpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN -
tcp 0 0 192.168.64.131:55 0.0.0.0:* LISTEN -
-> notice the different ports on 127.0.0.1 and 192.168.64.131
# dig -p 55 @172.18.0.2 google.com A +short
172.217.23.142
-> works...
Andreas
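
An added example, not part of the thread or of Unbound itself: a small Python audit of the access-control lines quoted above. It shows the range each rule covers once the prefix length is applied, and which clients end up allowed. The sample config is constructed from the lines in the thread; the "most specific netblock wins, no match means refuse" rule follows the unbound.conf manual, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample: the access-control lines quoted in the thread.
SAMPLE_CONF = """\
server:
    access-control: 127.0.0.0/8 allow
    access-control: 192.168.8.120/8 allow
    access-control: 192.168.10.17/8 allow
    access-control: 192.168.43.103/8 allow
    access-control: 192.168.64.131/32 allow
"""

def parse_acls(conf):
    """Return [(network, action, original_text)] for each access-control line."""
    acls = []
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line.startswith("access-control:"):
            continue
        netblock, action = line.split(":", 1)[1].split()[:2]
        # strict=False keeps the prefix length and clears the host bits,
        # which shows the range the rule covers rather than the one intended.
        net = ipaddress.ip_network(netblock, strict=False)
        acls.append((net, action, netblock))
    return acls

def audit(acls):
    """Flag rules whose address has host bits set beyond the prefix length."""
    findings = []
    for net, action, text in acls:
        if ipaddress.ip_address(text.split("/")[0]) != net.network_address:
            findings.append(
                f"{text} {action}: covers {net} ({net.num_addresses} addresses)")
    return findings

def decision(client, acls):
    """Most specific matching netblock wins; no match means refuse."""
    ip = ipaddress.ip_address(client)
    matches = [(net.prefixlen, action) for net, action, _ in acls if ip in net]
    return max(matches)[1] if matches else "refuse"

if __name__ == "__main__":
    acls = parse_acls(SAMPLE_CONF)
    for finding in audit(acls):
        print("WARNING", finding)
    for client in ("192.168.64.131", "192.0.2.10", "10.1.2.3"):
        print(client, "->", decision(client, acls))
```

With the /8 rules in place, any client in 192.0.0.0/8 is allowed, not just the three hosts named; writing them as /32 (or the real subnet) narrows the resolver to the intended clients.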