diff --git a/nixos/modules/services/networking/bind.nix b/nixos/modules/services/networking/bind.nix
index 899ee1914078..5d1ce87344d2 100644
--- a/nixos/modules/services/networking/bind.nix
+++ b/nixos/modules/services/networking/bind.nix
@@ -107,8 +107,12 @@ let
       acl badnetworks { ${lib.concatMapStrings (entry: " ${entry}; ") cfg.blockedNetworks} };
 
       options {
-        listen-on { ${lib.concatMapStrings (entry: " ${entry}; ") cfg.listenOn} };
-        listen-on-v6 { ${lib.concatMapStrings (entry: " ${entry}; ") cfg.listenOnIpv6} };
+        listen-on port ${toString cfg.listenOnPort} { ${
+          lib.concatMapStrings (entry: " ${entry}; ") cfg.listenOn
+        } };
+        listen-on-v6 port ${toString cfg.listenOnIpv6Port} { ${
+          lib.concatMapStrings (entry: " ${entry}; ") cfg.listenOnIpv6
+        } };
         allow-query-cache { cachenetworks; };
         blackhole { badnetworks; };
         forward ${cfg.forward};
diff --git a/nixos/tests/bind.nix b/nixos/tests/bind.nix
index 3b2edec9d19e..8842dafd6615 100644
--- a/nixos/tests/bind.nix
+++ b/nixos/tests/bind.nix
@@ -1,30 +1,57 @@
-{ ... }:
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+let
+  zones = lib.singleton {
+    name = ".";
+    master = true;
+    file = pkgs.writeText "root.zone" ''
+      $TTL 3600
+      . IN SOA ns.example.org. admin.example.org. ( 1 3h 1h 1w 1d )
+      . IN NS ns.example.org.
+
+      ns.example.org. IN A    192.168.0.1
+      ns.example.org. IN AAAA abcd::1
+
+      1.0.168.192.in-addr.arpa IN PTR ns.example.org.
+    '';
+  };
+in
 {
   name = "bind";
 
-  nodes.machine =
-    { pkgs, lib, ... }:
-    {
-      services.bind.enable = true;
-      services.bind.extraOptions = "empty-zones-enable no;";
-      services.bind.zones = lib.singleton {
-        name = ".";
-        master = true;
-        file = pkgs.writeText "root.zone" ''
-          $TTL 3600
-          . IN SOA ns.example.org. admin.example.org. ( 1 3h 1h 1w 1d )
-          . IN NS ns.example.org.
+  nodes = {
+    machine = {
+      services.bind = {
+        enable = true;
 
-          ns.example.org. IN A    192.168.0.1
-          ns.example.org. IN AAAA abcd::1
-
-          1.0.168.192.in-addr.arpa IN PTR ns.example.org.
-        '';
+        extraOptions = "empty-zones-enable no;";
+        inherit zones;
       };
     };
 
+    machineNonDefaultPort = {
+      services.bind = {
+        enable = true;
+
+        extraOptions = "empty-zones-enable no;";
+        inherit zones;
+
+        listenOnPort = 9053;
+      };
+    };
+  };
+
   testScript = ''
-    machine.wait_for_unit("bind.service")
-    machine.succeed("host 192.168.0.1 127.0.0.1 | grep -qF ns.example.org")
+    with subtest("Bind starts and responds"):
+      machine.wait_for_unit("bind.service")
+      machine.succeed("host 192.168.0.1 127.0.0.1 | grep -qF ns.example.org")
+
+    with subtest("Bind starts and responds on nondefault port"):
+      machineNonDefaultPort.wait_for_unit("bind.service")
+      machineNonDefaultPort.succeed("host -p 9053 192.168.0.1 127.0.0.1 | grep -qF ns.example.org")
   '';
 }