Re: ACL Query

From: What ever (gfy.ccie@gmail.com)
Date: Thu Nov 20 2008 - 15:00:46 ARST


"...BGP needs tcp port 179 both for source and destination..."

Not quite correct.

The side initiating connects with a destination port of 179. Response
traffic to the side that initiated has a source port of 179, and a
destination port above 1024.

A to B
S: A.A.A.A:xxxx
D: B.B.B.B:179

B to A
S: B.B.B.B:179
D: A.A.A.A:xxxx

On Wed, Nov 19, 2008 at 5:21 PM, Darby Weaver <ccie.weaver@gmail.com> wrote:

> Check out Jeff Doyle Volume I 2nd Edition in one of his Appendices. He
> covers this little misunderstood topic very well. I think he used Telnet or
> SSH in his example though.
>
> The gist of the discussion is to understand what a "source port" is and what
> a "destination port" is. Once you have this (debug ip packet if you need
> further clarification) then you can correctly write your access list every
> time.
>
> For example: BGP needs tcp port 179 both for source and destination. While
> http only has a destination port of 80 on the other hand. Look at netstat
> on a Windows or *Nix box to verify.
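The port-direction point in the reply above is easy to check mechanically. The following Python is an added example, not code from either poster: it models first-match evaluation of a small subset of Cisco-style extended ACL syntax (`permit|deny tcp <any|host X> [eq|gt|lt N] <any|host Y> [eq|gt|lt N]`, with the implicit trailing deny) and runs the two packets of a BGP session through it. The peer addresses `10.0.0.1` / `10.0.0.2` and the ephemeral port `49152` are constructed values; `gt 1023` is the usual IOS idiom for "any non-well-known port" and is an assumption of this example rather than something from the thread. The ACL that demands port 179 on both ends drops both packets; the ACL that matches destination 179 one way and source 179 the other permits the whole exchange.

```python
"""Toy model of Cisco-style extended ACL matching, used to show which packets
of a BGP session a given ACL actually permits (example code, not from the
mailing-list thread; syntax subset and sample addresses are constructed)."""

from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


def _parse_addr(tokens, i):
    """Parse 'any' or 'host X' at tokens[i]; return (ip matcher, next index)."""
    if tokens[i] == "any":
        return (lambda ip: True), i + 1
    if tokens[i] == "host":
        want = tokens[i + 1]
        return (lambda ip: ip == want), i + 2
    raise ValueError(f"unsupported address form: {tokens[i]}")


def _parse_port(tokens, i):
    """Parse an optional 'eq N' / 'gt N' / 'lt N' qualifier at tokens[i]."""
    if i < len(tokens) and tokens[i] in ("eq", "gt", "lt"):
        op, n = tokens[i], int(tokens[i + 1])
        ops = {"eq": lambda p: p == n, "gt": lambda p: p > n, "lt": lambda p: p < n}
        return ops[op], i + 2
    return (lambda p: True), i  # no qualifier: any port matches


def parse_ace(line):
    """Parse one access-control entry into (action, predicate over a Packet)."""
    tokens = line.split()
    action, proto = tokens[0], tokens[1]
    if action not in ("permit", "deny") or proto != "tcp":
        raise ValueError(f"unsupported ACE: {line}")
    src_m, i = _parse_addr(tokens, 2)
    sport_m, i = _parse_port(tokens, i)
    dst_m, i = _parse_addr(tokens, i)
    dport_m, i = _parse_port(tokens, i)

    def matches(pkt):
        return (src_m(pkt.src_ip) and sport_m(pkt.src_port)
                and dst_m(pkt.dst_ip) and dport_m(pkt.dst_port))

    return action, matches


def evaluate(acl_lines, pkt):
    """First matching entry wins; an IOS ACL ends with an implicit deny."""
    for action, matches in map(parse_ace, acl_lines):
        if matches(pkt):
            return action
    return "deny"


# Constructed BGP session: A opens the TCP connection to B's port 179.
A, B = "10.0.0.1", "10.0.0.2"
EPHEMERAL = 49152                        # constructed source port on the initiator
A_TO_B = Packet(A, EPHEMERAL, B, 179)    # initiator -> listener
B_TO_A = Packet(B, 179, A, EPHEMERAL)    # listener's replies

# Mistaken reading of "179 on both ends": neither packet has 179 in both fields.
BOTH_179 = ["permit tcp host 10.0.0.1 eq 179 host 10.0.0.2 eq 179"]

# Direction-aware ACL: destination 179 one way, source 179 the other way.
CORRECT = [
    "permit tcp host 10.0.0.1 host 10.0.0.2 eq 179",
    "permit tcp host 10.0.0.2 eq 179 host 10.0.0.1 gt 1023",
]


def session_verdicts(acl_lines):
    """Return the verdict for each half of the constructed session."""
    return {"A_to_B": evaluate(acl_lines, A_TO_B),
            "B_to_A": evaluate(acl_lines, B_TO_A)}


if __name__ == "__main__":
    for name, acl in (("port 179 on both ends", BOTH_179), ("direction-aware", CORRECT)):
        print(f"{name}: {session_verdicts(acl)}")
```

One practical caveat when turning this into a real filter: either BGP speaker may be the one that opens the TCP connection (both try, and BGP resolves the collision), so a production ACL normally carries the direction-aware pair of entries for both orientations, not just the one in which A happens to initiate.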

This archive was generated by hypermail 2.1.4 : Mon Dec 01 2008 - 08:18:31 ARST