cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
287
Views
0
Helpful
2
Replies

Ports over WAN accelerators. Basic question.

news2010a
Level 3
Level 3

Imagine I am trying to validate whether WAN Accelerators (Cisco WAAS) change or not ports of applications over the WAN. This is what I am doing:

WAAS1--Router1--<WAN SIMULATOR>--Router2--WAAS2

Then I take a TCMPDump on WANSimulator.

I see something like this on my TCMPDump:

serverIP.80 > clientIP.3343

My question is, the serverIP is correctly represented over port 80.

I am unsure about the information regarding the target port to reach the client. Shouldn't that be port 80? I was debating this with a co-worker and then we recalled that client ports may respond on random port#. Is my interpretation correct?

1 Accepted Solution

Accepted Solutions

bvsnarayana03
Level 5
Level 5

You were absolutely right.

Application work on well known ports ranging from 0 - 1023.

1024 - 49151 are called the registered ports. These can be assigned to certain new protocols by software companies.

49152-65535 are called ephemeral ports. These are randomly assigned to any client accessing application.

Pls note that this a recommendation of IANA. But is not enforced. Sometimes, ports may be assigned to different protocols or application to that defined by IANA like worms or trojans.

Lets take ur case. HTTP works on port 80. Your client connects to this application on port 3343. So src port is 3343 & dest port is 80. When server responds, this reverses i.e. src port becomes 80 & dest port is 3343.

Pls rate if this helped.

View solution in original post

2 Replies 2

bvsnarayana03
Level 5
Level 5

You were absolutely right.

Application work on well known ports ranging from 0 - 1023.

1024 - 49151 are called the registered ports. These can be assigned to certain new protocols by software companies.

49152-65535 are called ephemeral ports. These are randomly assigned to any client accessing application.

Pls note that this a recommendation of IANA. But is not enforced. Sometimes, ports may be assigned to different protocols or application to that defined by IANA like worms or trojans.

Lets take ur case. HTTP works on port 80. Your client connects to this application on port 3343. So src port is 3343 & dest port is 80. When server responds, this reverses i.e. src port becomes 80 & dest port is 3343.

Pls rate if this helped.

That's exactly correct. I do TCMPDump on the client side and I confirm that ports are not necessarily initiated on known ports.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco