Not positive it's the only use case, but I have a number of UDP ports also open, so I ran tcpdump on them and they are all talking to syslog. Seems to line up at about 1 per CPU on a couple of machines I checked.

On Fri, Aug 5, 2022 at 7:19 PM Shawn Heisey <[email protected]> wrote:

> I am running haproxy in a couple of places. It is listening on multiple
> seemingly random high UDP ports.
>
> The one running "2.6.2-ce3023-30 2022/08/03" has the following ports.
> This server is in AWS. The first three lines are expected:
>
> elyograg@bilbo:/var/log$ sudo lsof -Pn -i | grep haproxy
> haproxy 1928967 root 6u IPv4 2585012 0t0 UDP *:443
> haproxy 1928967 root 7u IPv4 2585013 0t0 TCP *:80 (LISTEN)
> haproxy 1928967 root 8u IPv4 2585014 0t0 TCP *:443 (LISTEN)
> haproxy 1928967 root 16u IPv4 2587974 0t0 UDP *:57183
> haproxy 1928967 root 17u IPv4 2585855 0t0 UDP *:60746
>
> The one running "2.7-dev2-f9d4a7-78 2022/08/05" is in my basement and
> has the following ports. The first four lines are expected. There are
> a lot more UDP ports active on this one.
>
> elyograg@smeagol:~/git/lucene-solr$ sudo lsof -Pn -i | grep haproxy
> haproxy 1469717 root 6u IPv4 14230127 0t0 UDP 192.168.217.170:443
> haproxy 1469717 root 7u IPv4 14230128 0t0 TCP *:8983 (LISTEN)
> haproxy 1469717 root 8u IPv4 14230129 0t0 TCP *:80 (LISTEN)
> haproxy 1469717 root 9u IPv4 14230130 0t0 TCP *:443 (LISTEN)
> haproxy 1469717 root 46u IPv4 14242826 0t0 UDP *:45727
> haproxy 1469717 root 47u IPv4 14212730 0t0 UDP *:40101
> haproxy 1469717 root 49u IPv4 14209917 0t0 UDP *:34584
> haproxy 1469717 root 50u IPv4 14212920 0t0 UDP *:55409
> haproxy 1469717 root 51u IPv4 14209875 0t0 UDP *:46192
> haproxy 1469717 root 52u IPv4 14229139 0t0 UDP *:36370
> haproxy 1469717 root 53u IPv4 14209916 0t0 UDP *:50898
> haproxy 1469717 root 55u IPv4 14242839 0t0 UDP *:45456
> haproxy 1469717 root 56u IPv4 14242890 0t0 UDP *:37717
> haproxy 1469717 root 57u IPv4 14240387 0t0 UDP *:45547
> haproxy 1469717 root 58u IPv4 14240302 0t0 UDP *:33960
> haproxy 1469717 root 60u IPv4 14240885 0t0 UDP *:42145
>
> These extra ports are not exposed to the world. The external firewalls
> are locked down pretty well. And the hosts also have firewalls (ufw)
> that are similarly restricted.
>
> What are these ports for? They are not in the haproxy config files. I
> did try searching for an explanation, and didn't find anything.
>
> Thanks,
> Shawn

