UDP port 10000 and IPv6 ports listening

Khagler24 · ‎08-31-2012

Afternoon all,

I've several production Catalyst switches that are listening on the same IPv4 and IPv6 ports. The problem is I don't want the switches listening on the IPv6 ports.

OUTPUT FROM SWITCH:

switch#sh ip sock

Proto Remote Port Local Port In Out Stat TTY OutputIF

17 --listen-- 192.168.1.1 123 0 0 1001 0

17(v6) --listen-- --any-- 123 0 0 20001 0

17 --listen-- 192.168.1.1 1975 0 0 11 0

17 0.0.0.0 0 192.168.1.1 2228 0 0 211 0

17 0.0.0.0 0 192.168.1.1 67 0 0 2211 0

17 192.168.1.2 63706 192.168.1.1 161 0 0 1001 0

17 --listen-- 192.168.1.1 162 0 0 1011 0

17 --listen-- 192.168.1.1 52919 0 0 1011 0

17(v6) --listen-- --any-- 161 0 0 20001 0

17(v6) --listen-- --any-- 162 0 0 20011 0

17(v6) --listen-- --any-- 54464 0 0 20001 0

17 192.168.1.2 514 192.168.1.1 61483 0 0 400201 0

switch#

As far as I know, this IOS code DOES NOT support IPv6.

Code: c3560-ipbasek9-mz.122-58.SE2.bin

Hardware: WS-C3560G-24PS-S

switch#sh ipv6 route
% Specified IPv6 routing table does not exist
switch#sh ipv6 protocols

switch#

Does anyone have any idea how to shut down these listening ports?

I also have a few production switches listening on UDP/10000 and I cannot determine why this port is listening.

OUTPUT FROM SWITCH:

switch#sh ip sock
Proto    Remote      Port      Local       Port In Out Stat TTY OutputIF
17   --listen--          192.168.1.1 10000   0   0   11   0
17 192.168.1.2   162 192.168.1.1     60310   0   0    0   0
17 0.0.0.0             0 192.168.1.1 2228   0   0 211   0
17 0.0.0.0             0 192.168.1.1    67   0   0 2211   0
17 192.168.1.2    63706 192.168.1.1    161   0   0 1001   0
17   --listen--          192.168.1.1   162   0   0 1011   0
17   --listen--          192.168.1.1 58064   0   0 1011   0
17   --listen--          --any--       161   0   0 20001   0
17   --listen--          --any--       162   0   0 20011   0
17   --listen--          --any--     60653   0   0 20001   0
17   --listen--          192.168.1.1   123   0   0    1   0
17 192.168.1.2   514 192.168.1.1 61686   0   0 400201   0
switch#

Code: c3750-ipbasek9-mz.122-55.SE6.bin
Hardware: WS-C3750G-12S-S

I've seen where UDP/10000 is Network Data Management Protocol and is related to Storage networks , but I've also seen where UDP/10000 is the default port for IPSEC data.

I don't believe UDP/10000 is related to either NDMP or IPSEC data, though I could be very wrong.

Any help is very appreciated.

Khagler24 · ‎09-28-2012

Can anyone confirm if Cisco Stack Discovery Protocol uses, by default, UDP/10,000? I believe SDP is the service behind this port, though I've not come across any documentation that covers this aspect of SDP.

rob.magrath · ‎03-25-2013

Hi Khagler24,

Did you ever find an answer? I've got the same issue on an edge 3560-X switch

Thanks,

Rob

rob.magrath · ‎03-25-2013

Sorry and by the same I mean the 3560-X edge switch is listening on UDP/10000 and I'd like to close this port down.

Thanks

Rob

Khagler24 · ‎03-25-2013

Hi Rob,

Unfortunately no, I have not come across an answer for UDP/10000. I had suspected that it was Cisco's Stack Discovery Protocol until you mentioned having this same issue on a 3560x.

Guess I'll open a TAC case to find out what it is. I'll post here if/when I here something back from Cisco.

Thanks

Ken

afisayo · ‎02-02-2016

Hi Ken,

What was the resolution to UDP 10000?

Thanks,

'Ayo