TCP vs. UDP.
----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com ----- Original Message ----- From: "K. Scott Helms" <kscott.he...@gmail.com> To: "Job Snijders" <j...@ntt.net> Cc: "NANOG list" <nanog@nanog.org> Sent: Tuesday, August 25, 2020 7:27:24 AM Subject: Re: TCP and UDP Port 0 - Should an ISP or ITP Block it? Job, Comcast is blocking it. From the table on that page. "Port 0 is a reserved port, which means it should not be used by applications. Network abuse has prompted the need to block this port." "What about UDP IP fragmentation?" I'm not sure I follow this. The IP packet will be fragmented with UDP inside it. When the IP packet gets put together the UDP PDU will have a port number. It's possible that some packet analyzers or network gear will improperly "see" a partial UDP flow as port 0 but that's a mischaracterization of the flow. Scott Helms Scott Helms On Tue, Aug 25, 2020 at 8:17 AM Job Snijders <j...@ntt.net> wrote: > > On Tue, Aug 25, 2020 at 07:27:33AM -0400, K. Scott Helms wrote: > > I think a fairly easy thing to do is see what other large retail ISPs > > have done. Comcast, as an example, lists all of the ports they block > > and 0 is blocked. I do recommend that port 0 be blocked by all of the > > ISPs I work with and frankly Comcast's list is a pretty good one to > > use in general, though you will get some pushback on things like SMTP. > > > > https://www.xfinity.com/support/articles/list-of-blocked-ports > > I may be reading the table incorrectly, but it seems to me Comcast is > *not* blocking UDP port 0 according to the above URL? > > > Transit providers are a little bit different, but then again port 0 is > > also different since AFAIK it's never had a legitimate use case. It's > > always been a reserved port. I'd personally block it if I ran a > > transit, but I'd be more willing to open it up for one of my large > > customers (in a limited way) than I would on the retail side. > > > > https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml > > > > What about UDP IP fragmentation? > > Kind regards, > > Job
