I asked our resident DNS guru, and here is the explanation I got.
TCP/IP sessions work as follows: A daemon listens on a particular port (named=53). This is what incoming connections will link to. It must remain open to listen for many connections that are coming in constantly. When the outgoing connection is made back to the client, you will see the service bind to an available unprivileged port (>1024) for an outgoing connection. This outgoing connection will connect to the client on the same port it connected from initially (named = 53).
Per this logic, what you are seeing is a reply connection on the higher port back to a client. It is not a straight and consistent pipe between the two hosts on port 53 solely.
This should not impact your firewall setup. Today's firewalls are stateful, meaning that they can distinguish a connection that has already been established on an open port, but that will connect out on an unprivileged port (based on the flags and headers, how they are set). Regardless of whether your firewall configuration is set to open those higher ports specifically, if it is stateful, you will be OK. Besides, where they are random ports chosen most of the time (mine has a connection on 3008), how would you really manage the config of the firewall at that point? Leave open an entire range of services?
If anyone can see where I'm mistaken on this, please let me know, but it sounds about right.
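The stateful matching the post relies on, shown as an added example (not code from the post or its DNS guru): a toy connection-tracking filter in front of the named host with only port 53 open, where a reply from 53 back to the client's ephemeral port 3008 is accepted because it matches a tracked connection, while an unsolicited request to a high port on the server is dropped. The packet format, addresses and rule set are constructed for the example.

```python
"""Toy stateful packet filter: why connection tracking means the high
(ephemeral) port range need not be opened for DNS replies.
Added example, not from the original post; the packet format, addresses,
and port numbers (53 for named, 3008 as a client ephemeral port) are constructed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"
    syn: bool = False  # True for a new-connection request


class StatefulFilter:
    """Allow new connections only to listed service ports; allow any packet
    that belongs to a connection already seen, in either direction."""

    def __init__(self, open_ports):
        self.open_ports = set(open_ports)
        self.table = set()  # tracked connections as (proto, src_ip, src_port, dst_ip, dst_port)

    def _key(self, p):
        return (p.proto, p.src_ip, p.src_port, p.dst_ip, p.dst_port)

    def _reverse_key(self, p):
        return (p.proto, p.dst_ip, p.dst_port, p.src_ip, p.src_port)

    def check(self, p):
        # Established traffic: the 5-tuple (or its reverse) is already tracked
        if self._key(p) in self.table or self._reverse_key(p) in self.table:
            return "ACCEPT (established)"
        # New connection: only toward an explicitly opened service port
        if p.syn and p.dst_port in self.open_ports:
            self.table.add(self._key(p))
            return "ACCEPT (new)"
        return "DROP"


def demo():
    fw = StatefulFilter(open_ports=[53])  # only the DNS service port is open
    client, server = "198.51.100.7", "192.0.2.53"  # constructed documentation addresses
    results = []
    # 1. client opens a TCP session from ephemeral port 3008 to named on 53
    results.append(fw.check(Packet(client, 3008, server, 53, syn=True)))
    # 2. the reply from 53 back to 3008 matches the tracked connection; no rule for 3008 needed
    results.append(fw.check(Packet(server, 53, client, 3008)))
    # 3. an unsolicited request to high port 3008 on the server is not tracked: dropped
    results.append(fw.check(Packet("203.0.113.9", 40000, server, 3008, syn=True)))
    return results


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```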