RE: Port 67

From: Scott Morris (swm@emanon.com)
Date: Tue May 31 2005 - 01:10:35 GMT-3


Per RFC 2131:

   DHCP uses UDP as its transport protocol. DHCP messages from a client
   to a server are sent to the 'DHCP server' port (67), and DHCP
   messages from a server to a client are sent to the 'DHCP client' port
   (68). A server with multiple network address (e.g., a multi-homed
   host) MAY use any of its network addresses in outgoing DHCP messages.

So, I guess remember them both... Or set up a REALLY quick DHCP test
between routers and do 'debug ip packet'. Or determine that the 2 points
you may get for solving the problem are not that big of a deal compared to
other points you can get! :)

It's all a giant "it depends"!

Cheers,

Scott

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of san
Sent: Monday, May 30, 2005 11:56 PM
To: ccie2be
Cc: gladston@br.ibm.com; Group Study
Subject: Re: Port 67

Tim,

Below is the output from port-map.....bootp is not present in the output &
also dhcp uses both UDP 67 & 68 according to the output.

/SAN

sh ip nbar port-map
port-map bgp udp 179
port-map bgp tcp 179
port-map citrix udp 1604
port-map citrix tcp 1494
port-map cuseeme udp 7648 7649 24032
port-map cuseeme tcp 7648 7649
port-map custom-01 udp 0
port-map custom-01 tcp 0
port-map custom-02 udp 0
port-map custom-02 tcp 0
port-map custom-03 udp 0
port-map custom-03 tcp 0
port-map custom-04 udp 0
port-map custom-04 tcp 0
port-map custom-05 udp 0
port-map custom-05 tcp 0
port-map custom-06 udp 0
port-map custom-06 tcp 0
port-map custom-07 udp 0
port-map custom-07 tcp 0
port-map custom-08 udp 0
port-map custom-08 tcp 0
port-map custom-09 udp 0
port-map custom-09 tcp 0
port-map custom-10 udp 0
port-map custom-10 tcp 0
port-map dhcp udp 67 68
port-map dns udp 53
port-map dns tcp 53
port-map exchange tcp 135
port-map fasttrack tcp 1214
port-map finger tcp 79
port-map ftp tcp 21
port-map gnutella tcp 6346 6347 6348 6349 6355 5634
port-map gopher udp 70
port-map gopher tcp 70
port-map http tcp 80
port-map imap udp 143 220
port-map imap tcp 143 220
port-map irc udp 194
port-map irc tcp 194
port-map kerberos udp 88 749
port-map kerberos tcp 88 749
port-map l2tp udp 1701
port-map ldap udp 389
port-map ldap tcp 389
port-map napster tcp 6699 8875 8888 7777 6700 6666 6677 6688 4444 5555
port-map netbios udp 137 138
port-map netbios tcp 137 139
port-map netshow tcp 1755
port-map nfs udp 2049
port-map nfs tcp 2049
port-map nntp udp 119
port-map nntp tcp 119
port-map notes udp 1352
port-map notes tcp 1352
port-map novadigm udp 3460 3461 3462 3463 3464 3465
port-map novadigm tcp 3460 3461 3462 3463 3464 3465
port-map ntp udp 123
port-map ntp tcp 123
port-map pcanywhere udp 22 5632
port-map pcanywhere tcp 65301 5631
port-map pop3 udp 110
port-map pop3 tcp 110
port-map pptp tcp 1723
port-map printer udp 515
port-map printer tcp 515
port-map rcmd tcp 512 513 514
port-map realaudio tcp 7070 554
port-map rip udp 520
port-map rsvp udp 1698 1699
port-map rtspplayer tcp 554 7070
port-map secure-ftp tcp 990
port-map secure-http tcp 443
port-map secure-imap udp 585 993
port-map secure-imap tcp 585 993
port-map secure-irc udp 994
port-map secure-irc tcp 994
port-map secure-ldap udp 636
port-map secure-ldap tcp 636
port-map secure-nntp udp 563
port-map secure-nntp tcp 563
port-map secure-pop3 udp 995
port-map secure-pop3 tcp 995
port-map secure-telnet tcp 992
port-map smtp tcp 25
port-map snmp udp 161 162
port-map snmp tcp 161 162
port-map socks tcp 1080
port-map sqlnet tcp 1521
port-map sqlserver tcp 1433
port-map ssh tcp 22
port-map streamwork udp 1558
port-map sunrpc udp 111
port-map sunrpc tcp 111
port-map syslog udp 514
port-map telnet tcp 23
port-map tftp udp 69
port-map vdolive tcp 7000
port-map xwindows tcp 6000 6001 6002 6003
 

On 5/30/05, ccie2be <ccie2be@nyc.rr.com> wrote:
> If asked to do that in the lab and you didn't know off-hand what port
> 67 is used for, will using the show ip nbar port-map command to find
> out show both bootp and dhcp? (I don't have a router to test this on
> at the moment.)
>
> Also, since both bootp and dhcp use port 67, do both services have to
> be explicitly disabled or will disabling dhcp suffice?
>
> TIA, Tim
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of gladston@br.ibm.com
> Sent: Monday, May 30, 2005 3:31 PM
> To: ccielab@groupstudy.com
> Subject: Port 67
>
> How can I disable port 67?
>
> swr2#sh ip sockets
> Proto Remote Port Local Port In Out Stat TTY OutputIF
> 17 0.0.0.0 0 224.0.1.40 496 0 0 1 0
> 103 0.0.0.0 0 172.16.9.9 52804 0 0 0 0
> 17 --listen-- 172.16.9.9 67 0 0 489 0
>
> ______________________________________________________________________
> _ Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
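
An added example, not part of the original thread: a small Python parser that indexes pasted `show ip nbar port-map` output by transport and port, so "what does NBAR map to UDP 67?" can be answered from a saved capture. The sample lines are copied from the output quoted in this thread; the function names and the choice to treat port 0 as "no port assigned" are assumptions of this example.

```python
import re
from collections import defaultdict

# Sample input: a few lines in the format of the port-map output in this thread,
# including one entry wrapped onto a second line by a mail client.
SAMPLE = """\
port-map dhcp udp 67 68
port-map dns udp 53
port-map dns tcp 53
port-map napster tcp 6699 8875 8888 7777 6700 6666 6677
6688 4444 5555
port-map custom-01 udp 0
port-map pcanywhere udp 22 5632
port-map ssh tcp 22
port-map tftp udp 69
"""

ENTRY = re.compile(r"^port-map\s+(\S+)\s+(tcp|udp)\s+(.*)$")

def parse_port_map(text):
    """Return {(transport, port): [protocol names]} from port-map output."""
    index = defaultdict(list)
    current = None  # (name, transport) of the entry being read
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = ENTRY.match(line)
        if m:
            current = (m.group(1), m.group(2))
            ports = m.group(3).split()
        elif current and all(tok.isdigit() for tok in line.split()):
            ports = line.split()  # wrapped continuation of the previous entry
        else:
            current = None  # prompt, command echo or other text: skip it
            continue
        name, transport = current
        for p in ports:
            # Assumption: port 0 on the custom-NN slots means "nothing assigned".
            if p.isdigit() and int(p) != 0:
                index[(transport, int(p))].append(name)
    return dict(index)

def who_uses(index, transport, port):
    """Protocol names NBAR maps to this transport/port pair (may be empty)."""
    return index.get((transport, port), [])
```

Keying on the transport as well as the port matters: in the output above port 22 is `pcanywhere` on UDP but `ssh` on TCP.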



This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:12:03 GMT-3