From: Hobbs (deadheadblues@gmail.com)
Date: Wed Oct 22 2008 - 23:31:09 ARST
Well this is what I found:

[R1] 192.168.0.1 ---------------- 192.168.0.2 [R2]

Scenario 1: Both routers only have IP addresses:

R1#telnet 192.168.0.2 179
Trying 192.168.0.2, 179 ...
% Connection refused by remote host

Scenario 2: Enable BGP on router 2, but don't point a neighbor at R1 (point
it somewhere else)

R2(config)#router bgp 2
R2(config-router)#neighbor 192.168.0.3 remote-as 1

R1#telnet 192.168.0.2 179
Trying 192.168.0.2, 179 ...
% Connection refused by remote host

Now the question is whether this is defined as "listening" - R2 gives us the
same response as scenario 1

Scenario 3: Point a neighbor statement at R1:

Now we get that blank session

R1#telnet 192.168.0.2 179
Trying 192.168.0.2, 179 ... Open
hello?
anyone?

Here the TCP handshake completes and BGP tries to sort things out. This may
cause BGP notifications on R2 and may cause your terminal to hang on R1. May
have to log out and clear line or something...it took about 5 minutes for me
to get my prompt back.

This is on R2:

*Mar 1 11:06:54.943: %BGP-3-NOTIFICATION: sent to neighbor 192.168.0.1 1/2 (illegal header length) 0 bytes

Scenario 4: Block port 179 on R2:

R1#telnet 192.168.0.2 179
Trying 192.168.0.2, 179 ...
% Destination unreachable; gateway or host down

This message is an actual ICMP message - unreachable!

Scenario 5: Block port 179 on R2 and disable ip unreachables:

R1#telnet 192.168.0.2 179
Trying 192.168.0.2, 179 ...
% Connection timed out; remote host not responding

Here we get "hung" again for a while; this time it's different in that the TCP
handshake is not complete. Instead, I believe we have to wait for TCP to
time out, then you get the connection timed out message.

Hope that helps, was that what you were looking for?

On Wed, Oct 22, 2008 at 7:04 PM, Mahesh Shivaswamy <maheshs.cisco@gmail.com> wrote:
> My goal is to check what kind of error msg it gives when I block tcp, but
> before that trying to see the connection goes through before applying the
> ACL.
>
> rgds
> Mahesh
>
>
> On Wed, Oct 22, 2008 at 7:55 PM, Hobbs <deadheadblues@gmail.com> wrote:
>
>> if it was listening you would probably end up with a "blank" telnet
>> session, like when you telnet to port 80 on an http server...this is my
>> assumption. not sure of the goal of wanting to know if you are listening on
>> port 179...why do you need to know this? maybe there is another way to do it if
>> we know your goal.
>>
>> Now I have heard of wanting to know if port 179 is being filtered
>> somewhere in your network, now you can be sure it isn't, because you are
>> getting the RST from the destination
>>
>>
>> On Wed, Oct 22, 2008 at 6:34 PM, Charles Henson <chenson@gmail.com> wrote:
>>
>>> I believe if you sent an RST then you are not listening on 179. Else
>>> you would have completed the 3 way handshake and then failed on the
>>> protocol. Someone correct me if I'm wrong here.
>>>
>>>
>>> On 10/22/08, Mahesh Shivaswamy <maheshs.cisco@gmail.com> wrote:
>>> > I need to chk if SW1 is listening on port 179.
>>> >
>>> > rgds
>>> > Mahesh
>>> >
>>> >
>>> > On Wed, Oct 22, 2008 at 7:00 PM, Hobbs <deadheadblues@gmail.com> wrote:
>>> >
>>> >> what are you trying to test?
>>> >>
>>> >> On Wed, Oct 22, 2008 at 5:54 PM, Mahesh Shivaswamy <
>>> >> maheshs.cisco@gmail.com> wrote:
>>> >>
>>> >>> Hi,
>>> >>>
>>> >>> When I telnet on port 23 between R4 & SW1 it's fine, but when I telnet on
>>> >>> port 179 I get a connection refused msg, there is no access list on SW1.
>>> >>>
>>> >>> R4#telnet 154.1.47.7
>>> >>> Trying 154.1.47.7 ... Open
>>> >>>
>>> >>>
>>> >>> User Access Verification
>>> >>>
>>> >>> Password:
>>> >>>
>>> >>> R4#telnet 154.1.47.7 179
>>> >>> Trying 154.1.47.7, 179 ...
>>> >>> % Connection refused by remote host
>>> >>>
>>> >>> SW1#
>>> >>> 1d11h: tcp0: I LISTEN 154.1.47.4:18645 154.1.47.7:179 seq 2990396955 OPTS 4 SYN WIN 4128
>>> >>> 1d11h: TCP: sent RST to 154.1.47.4:18645 from 154.1.47.7:179
>>> >>>
>>> >>> SW1#sh run int vlan 47
>>> >>> Building configuration...
>>> >>>
>>> >>> Current configuration : 61 bytes
>>> >>> !
>>> >>> interface Vlan47
>>> >>> ip address 154.1.47.7 255.255.255.0
>>> >>> end
>>> >>>
>>> >>> Any suggestion what is the issue, this is the only way I can test, any
>>> >>> suggestion ?
>>> >>>
>>> >>> rgds
>>> >>> Mahesh
>>> >>>
>>> >>>
>>> >>> Blogs and organic groups at http://www.ccie.net
>>> >>>
>>> >>>
>>> _______________________________________________________________________
>>> >>> Subscription information may be found at:
>>> >>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>> --
>>> Charles
This archive was generated by hypermail 2.1.4 : Sat Nov 01 2008 - 15:35:22 ARST
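
The five telnet outcomes in Hobbs's message correspond to distinct socket results, so the same check can be scripted from a monitoring host to confirm that an ACL on TCP 179 behaves as intended. This is an added example, not part of the original thread; the function names and verdict strings are hypothetical, and the errno mapping assumes a typical Linux/BSD TCP stack.

```python
import errno
import socket

# Verdicts keyed to the five scenarios in the thread (strings are illustrative).
OPEN = "open: handshake completed, a listener accepted us (scenario 3)"
REFUSED = "refused: RST from target, reachable but not accepting this peer (scenarios 1-2)"
UNREACHABLE = "filtered: ICMP unreachable came back (scenario 4)"
SILENT = "filtered or down: no reply before the timeout (scenario 5)"

_ICMP_ERRNOS = {errno.EHOSTUNREACH, errno.ENETUNREACH}


def classify(exc):
    """Map the result of one TCP connect (None means success) to a verdict."""
    if exc is None:
        return OPEN
    if isinstance(exc, ConnectionRefusedError):
        return REFUSED
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return SILENT
    if isinstance(exc, OSError) and exc.errno in _ICMP_ERRNOS:
        return UNREACHABLE
    raise exc  # DNS failure, permission error, etc.: not one of the five cases


def probe(host, port=179, timeout=5.0):
    """Attempt a single TCP connect and return the verdict string."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return classify(None)
    except OSError as exc:
        return classify(exc)


def demo_loopback():
    """Constructed offline demo: one listening and one closed loopback port."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    closed = socket.socket()
    closed.bind(("127.0.0.1", 0))       # reserve a port number...
    closed_port = closed.getsockname()[1]
    closed.close()                      # ...then release it so nothing listens
    try:
        return (probe("127.0.0.1", listener.getsockname()[1]),
                probe("127.0.0.1", closed_port))
    finally:
        listener.close()
```

Run `probe()` from the address the neighbor statement names: scenarios 2 and 3 show the router answers differently depending on which source the connection comes from.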