Ports over WAN accelerators. Basic question.

Answered Question
Nov 13th, 2007
User Badges:

Imagine I am trying to validate whether WAN Accelerators (Cisco WAAS) change or not ports of applications over the WAN. This is what I am doing:

WAAS1--Router1--<WAN SIMULATOR>--Router2--WAAS2


Then I take a TCMPDump on WANSimulator.


I see something like this on my TCMPDump:

serverIP.80 > clientIP.3343


My question is, the serverIP is correctly represented over port 80.


I am unsure about the information regarding the target port to reach the client. Shouldn't that be port 80? I was debating this with a co-worker and then we recalled that client ports may respond on random port#. Is my interpretation correct?

Correct Answer by bvsnarayana03 about 9 years 6 months ago

You were absolutely right.


Application work on well known ports ranging from 0 - 1023.


1024 - 49151 are called the registered ports. These can be assigned to certain new protocols by software companies.


49152-65535 are called ephemeral ports. These are randomly assigned to any client accessing application.


Pls note that this a recommendation of IANA. But is not enforced. Sometimes, ports may be assigned to different protocols or application to that defined by IANA like worms or trojans.


Lets take ur case. HTTP works on port 80. Your client connects to this application on port 3343. So src port is 3343 & dest port is 80. When server responds, this reverses i.e. src port becomes 80 & dest port is 3343.


Pls rate if this helped.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
bvsnarayana03 Tue, 11/13/2007 - 22:59
User Badges:
  • Silver, 250 points or more

You were absolutely right.


Application work on well known ports ranging from 0 - 1023.


1024 - 49151 are called the registered ports. These can be assigned to certain new protocols by software companies.


49152-65535 are called ephemeral ports. These are randomly assigned to any client accessing application.


Pls note that this a recommendation of IANA. But is not enforced. Sometimes, ports may be assigned to different protocols or application to that defined by IANA like worms or trojans.


Lets take ur case. HTTP works on port 80. Your client connects to this application on port 3343. So src port is 3343 & dest port is 80. When server responds, this reverses i.e. src port becomes 80 & dest port is 3343.


Pls rate if this helped.

news2010a Wed, 11/14/2007 - 07:32
User Badges:

That's exactly correct. I do TCMPDump on the client side and I confirm that ports are not necessarily initiated on known ports.


Actions

This Discussion