What ports will RPC use?

nath034 · 07-15-2013, 01:44 PM

I'm trying to make a baseline for open ports on our network, and having a little trouble with ports 0-1023.

From what I can tell, 0-1023 are the priveledged ports, but I'm hoping to find something that "proves" this (like a conf file of sorts).

I've found min/max_resvport which describes that SunRPC services will use 665-1023, but I've seen rpc.statd (as well as other sunrpc services) on ports below 665. Maybe 665-1023 is "reserved" for sunrpc, but it can still use other available ports in the 0-1023 range?

Ideally I would find something like min/max_resvport that explicitly shows that 0-1023 can be used with RPC. (similar to how ip_local_port_range shows me that the ephemeral port range is currently set to 32768-61000.)

I appreciate any assistance that is offered.

Nathan

Kustom42 · 07-15-2013, 04:13 PM

This dates back to the darpa protocol days.

Ports 0-1023 are what are referred to now as the "Well-known" ports and this is the design of the network layer and applications that are well thought out follow these standards. There is going to be no "conf" file or anywhere where it explicitly states what ports rcp portmapper could bind to. Basically, it assumes that the application is written well enough to know not to interfere with others and you as a sys admin have to be aware of your own port bindings. An application will call the rpc portmapper and tell it what port to listen on and thats about the jist of it. If your app tries to bind to a port that is already in use you will get an error.

This is to say that an email developer isnt going to try and use port 80 for pop3 because its not the standard but there is no conf file on your system that says that pop3 can't be on port 80.

Best I could find on this was http://www.iana.org/assignments/serv...-numbers.xhtml

But again it just says that 0-1023 are system ports, its not defined anywhere else besides the standardization of applications that are written.

Kustom42 · 07-15-2013, 04:18 PM

Just because it drives me crazy when i dont figure out the exact answer to something:

Rfc6335 describes the "Best Current Practice" for port numbers and is the doc that I would say is the most authoritative on this subject.

http://tools.ietf.org/html/rfc6335

allend · 07-15-2013, 04:23 PM

Welcome to LQ!

From /etc/services which shows IANA port assignments

Code:

sunrpc          111/tcp    rpcbind      #SUN Remote Procedure Call
sunrpc          111/udp    rpcbind      #SUN Remote Procedure Call

I am guessing that you are using NFS on your network. This is a useful guide on explicitly specifying port usage by NFS. http://rlworkman.net/howtos/NFS_Firewall_HOWTO

From /usr/src/linux/Documentation/kernel-parameters.txt

Code:

        sunrpc.min_resvport=
        sunrpc.max_resvport=
                        [NFS,SUNRPC]
                        SunRPC servers often require that client requests
                        originate from a privileged port (i.e. a port in the
                        range 0 < portnr < 1024).
                        An administrator who wishes to reserve some of these
                        ports for other uses may adjust the range that the
                        kernel's sunrpc client considers to be privileged
                        using these two parameters to set the minimum and
                        maximum port values.

nath034 · 07-16-2013, 06:54 AM

Thank you guys very much for the assistance!