Incoming SSDP UDP 1900 filtering

Keith Medcalf kmedcalf at dessus.com
Thu Apr 11 20:45:32 UTC 2019


On Thursday, 11 April, 2019 08:08, Patrick McEvilly <patrick_mcevilly at harvard.edu> wrote:

>I'm working with Level3 on a similar problem.  They filter both UDP
>and TCP port 1900 on our peer to them.  This is blocking all
>connections that randomly use ephemeral tcp port 1900.

>They are refusing to remove the tcp port 1900 filter without
>dispensation from the DDoS security gods. I understand blocking UDP
>1900, what is the purpose of Level3 filtering tcp port 1900?

They are both port 1900 (that is, they have a 1900 in them -- they also probably block TCP/UDP 19000 bidirectionally as well, since that has a "1900" in it -- they likely also tried to block TCP/UDP 190000 as well, but for some reason even through that also has "1900" in it the firewall would not accept it as a 16-bit port number, so they submitted a bug report to the vendor and closed the ticket).  

In short, never ascribe to malice that which can be oh so easily and correctly attributed to ignorance, stupidity (incurable ignorance) and incompetence.

Besides, the "Internet" package that you purchased did not include that channel.  If you wish to receive channels 1900 and 19000 they are available as an add-on feature pack.

---
The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume.







More information about the NANOG mailing list