Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-26 Thread K. Scott Helms
Nick, Data on blocking inbound TCP or the kinds of gear that mistakenly labels UDP fragments as DST port 0? Scott Helms On Wed, Aug 26, 2020 at 9:00 AM Nick Hilliard wrote: > > K. Scott Helms wrote on 26/08/2020 13:55: > > To be clear, UDP port 0 is not and probably shouldn't be blocked > > be

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-26 Thread Nick Hilliard
K. Scott Helms wrote on 26/08/2020 13:55: To be clear, UDP port 0 is not and probably shouldn't be blocked because some network gear and reporting tools may mistake a fragmented UDP PDU for port 0. That's an implementation error, but one that may be common enough to create issues for users. do

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-26 Thread K. Scott Helms
To be clear, UDP port 0 is not and probably shouldn't be blocked because some network gear and reporting tools may mistake a fragmented UDP PDU for port 0. That's an implementation error, but one that may be common enough to create issues for users. Blocking inbound TCP port 0 is something that I

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-26 Thread Bjørn Mork
What problem are you trying to solve? Bjørn

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread Matthew Petach
On Tue, Aug 25, 2020 at 8:36 AM Mel Beckman wrote: > “SHOULD” is not “SHALL”, and thus this doesn’t countermand RFC 768’s > instruction “ If not used, a value of zero is inserted." So the key > question is, when is the source port not used? When a reply is not > requested, is my thinking. Is ther

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread K. Scott Helms
That's correct, I can only blame my lack of coffee at that point for the oversight. I went back and looked at where we have this implemented and it's only TCP. Scott Helms On Tue, Aug 25, 2020 at 8:46 AM Job Snijders wrote: > > On Tue, Aug 25, 2020 at 08:27:24AM -0400, K. Scott Helms wrote: >

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread Dobbins, Roland
> On 25 Aug 2020, at 18:13, Douglas Fischer wrote: > > With some analysis of what is running over our network, ISP or ITP, we will > be able to see some TCP/UDP(mostly UDP) packets with source or destination to > port 0. Are you certain that the UDP packets exhibit port 0, or is this flow te

RE: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread adamv0025
> William Herrin > Sent: Tuesday, August 25, 2020 4:20 PM > > On Tue, Aug 25, 2020 at 4:15 AM Douglas Fischer > wrote: > > a) Should an ISP block that Kind of traffic? > > Hi Douglas, > > Generally speaking the answer is NO, You should not presume that your > understanding of your customers' da

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread Mel Beckman
“SHOULD” is not “SHALL”, and thus this doesn’t countermand RFC 768’s instruction “ If not used, a value of zero is inserted." So the key question is, when is the source port not used? When a reply is not requested, is my thinking. Is there an application that implements this in UDP? (it’s nonse

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread William Herrin
On Tue, Aug 25, 2020 at 4:15 AM Douglas Fischer wrote: > a) Should an ISP block that Kind of traffic? Hi Douglas, Generally speaking the answer is NO, You should not presume that your understanding of your customers' data traffic is sufficiently complete or correct to make blocking decisions for

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread Douglas Fischer
Sorry! sed 's/"I can think"/"I can't think"/g' On Tue, Aug 25, 2020 at 09:16, Töma Gavrichenkov wrote: > Peace, > > On Tue, Aug 25, 2020, 2:14 PM Douglas Fischer > >> I can think of a genuine use of it. >> > > I'm curious which one. > With Berkeley sockets there's technically no way

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread Tom Beecher
I was just reading the same thing JTK. Of course this is followed by RFC8085 / BCP 145, UDP Usage Guidelines: 5.1 Using UDP Ports A UDP sender SHOULD NOT use a source port value of zero. A source port number that cannot be easily determined from the address or payload type provid

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread John Kristoff
On Tue, 25 Aug 2020 12:40:43 + Pim van Stam wrote: > Other opinions on this? IETF RFC 768 - User Datagram Protocol weighs in: "Source Port is an optional field, when meaningful, it indicates the port of the sending process, and may be assumed to be the port to which a reply should

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread Töma Gavrichenkov
Peace, On Tue, Aug 25, 2020, 3:43 PM Pim van Stam wrote: > I think in general you can say that problems with UDP port 0 are in fact > fragments. Other opinions on this? > Either that, or dumb DDoS packet generators. -- Töma >

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread Job Snijders
On Tue, Aug 25, 2020 at 08:27:24AM -0400, K. Scott Helms wrote: > Comcast is blocking it. From the table on that page. > > "Port 0 is a reserved port, which means it should not be used by > applications. Network abuse has prompted the need to block this port." The 'Transport' column seems to ind

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread Pim van Stam
> On 25 Aug 2020, at 14:27, K. Scott Helms wrote: > > Job, > > Comcast is blocking it. From the table on that page. > > "Port 0 is a reserved port, which means it should not be used by > applications. Network abuse has prompted the need to block this port." > > "What about UDP IP fragmenta

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread Mike Hammett
Job, Comcast is blocking it. From the table on that page. "Port 0 is a reserved port, which means it should not be used by applications. Network abuse has prompted the need to block this port." "What

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread K. Scott Helms
Job, Comcast is blocking it. From the table on that page. "Port 0 is a reserved port, which means it should not be used by applications. Network abuse has prompted the need to block this port." "What about UDP IP fragmentation?" I'm not sure I follow this. The IP packet will be fragmented wit

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread Töma Gavrichenkov
Peace, On Tue, Aug 25, 2020, 3:14 PM Jon Lewis wrote: > When an application sends more data via UDP than can be fit in a single > packet, only the first packet has a UDP header [where the port info is > stored]. The rest of the fragments have no UDP header, which most things > will report as UD

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread Job Snijders
On Tue, Aug 25, 2020 at 07:27:33AM -0400, K. Scott Helms wrote: > I think a fairly easy thing to do is see what other large retail ISPs > have done. Comcast, as an example, lists all of the ports they block > and 0 is blocked. I do recommend that port 0 be blocked by all of the > ISPs I work with

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread Töma Gavrichenkov
Peace, On Tue, Aug 25, 2020, 2:14 PM Douglas Fischer > I can think of a genuine use of it. > I'm curious which one. With Berkeley sockets there's technically no way to bind(2) to this port without some amount of kernel patching applied, and the system cannot allocate it by itself, either. -- T

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread Jon Lewis
On Tue, 25 Aug 2020, Douglas Fischer wrote: I think that the subject of the e-mail is very self-explanatory. With some analysis of what is running over our network, ISP or ITP, we will be able to see some TCP/UDP(mostly UDP) packets with source or destination to port 0. I can think of a genui

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread K. Scott Helms
Douglas, I think a fairly easy thing to do is see what other large retail ISPs have done. Comcast, as an example, lists all of the ports they block and 0 is blocked. I do recommend that port 0 be blocked by all of the ISPs I work with and frankly Comcast's list is a pretty good one to use in gen

TCP and UDP Port 0 - Should an ISP or ITP Block it?

2020-08-25 Thread Douglas Fischer
I think that the subject of the e-mail is very self-explanatory. With some analysis of what is running over our network, ISP or ITP, we will be able to see some TCP/UDP(mostly UDP) packets with source or destination to port 0. I can think of a genuine use of it. (Maybe someone could help me see w