UDP packet from Server

Unanswered Question
Aug 4th, 2008
User Badges:

Hi,

We are using DELL-PE7250 servers, we are finding servers(10.37.32.2) are keep on sending UDP packets with port no:1228 to our Broadcast IP(10.37.32.63).


Can we know what is the use of this packet and how to stop? Pls find in attachment-captured packet details using ethereal



Thanks



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 2 (1 ratings)
Loading.
thiru.vel10 Tue, 08/05/2008 - 05:38
User Badges:

Please block this broadcast Traffic from router with applying ACL.



bmbreer Tue, 08/05/2008 - 06:23
User Badges:

Thiru,

There's no need to block this traffic on the router as the TTL field in the IP header (see OP attachment) is 00. This traffic is never meant to leave the broadcast domain.


Ramesh,

If the OS on the server is Windows then you can try running a netstat -ba to see which binary is sending it.

nramesh25 Tue, 08/05/2008 - 22:38
User Badges:

Hi bmbreer,


we are using Linux servers.


pls tell us netstat -ba what is the command? where should we use? servers are connected in L3 switch(cisco 4510R). L3 switch is connected to Router(cisco 3745).


Pls suggest and if you want anymore information let me know.


Thanks.

Actions

This Discussion