TCP and UDP Port 0 - Should an ISP or ITP Block it?

K. Scott Helms kscott.helms at gmail.com
Tue Aug 25 16:51:54 UTC 2020


That's correct, I can only blame my lack of coffee at that point for
the oversight.  I went back and looked at where we have this
implemented and it's only TCP.


Scott Helms


On Tue, Aug 25, 2020 at 8:46 AM Job Snijders <job at ntt.net> wrote:
>
> On Tue, Aug 25, 2020 at 08:27:24AM -0400, K. Scott Helms wrote:
> > Comcast is blocking it.  From the table on that page.
> >
> > "Port 0 is a reserved port, which means it should not be used by
> > applications. Network abuse has prompted the need to block this port."
>
> The 'Transport' column seems to indicate that TCP port 0 is blocked, but
> not that UDP port 0 is blocked. I believe there are Comcast people on
> this mailing list, it would be interesting to hear what the
> considerations were to block one but not the other.
>
> > "What about UDP IP fragmentation?"
> >
> > I'm not sure I follow this.  The IP packet will be fragmented with UDP
> > inside it.  When the IP packet gets put together the UDP PDU will have
> > a port number.  It's possible that some packet analyzers or network
> > gear will improperly "see" a partial UDP flow as port 0 but that's a
> > mischaracterization of the flow.
>
> You are absolutely right. There is no layer-4 header in a fragment.
> 'port 0' in netflow/ipfix traffic analyzer tools when displayed may be
> the result of a lack of ability to label it differently in the
> data structures used. "mischaracterization" is a fitting word :-)
>
> Kind regards,
>
> Job
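
Added example, not part of the original thread: a minimal Python classifier that separates non-initial IPv4 fragments, which carry no TCP/UDP header, from packets that really use port 0, the distinction discussed above. The function names, labels and sample packets are constructed for illustration, and the IPv4 header checksum is not validated.

```python
import struct

def classify(packet: bytes):
    """Return (label, src_port, dst_port) for a raw IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return ("not-ipv4", None, None)
    ihl = (packet[0] & 0x0F) * 4            # IPv4 header length in bytes
    if ihl < 20 or len(packet) < ihl:
        return ("malformed", None, None)
    flags_frag = struct.unpack("!H", packet[6:8])[0]
    more_fragments = bool(flags_frag & 0x2000)
    frag_offset = flags_frag & 0x1FFF        # units of 8 bytes
    if packet[9] not in (6, 17):             # only TCP (6) and UDP (17)
        return ("other-proto", None, None)
    if frag_offset != 0:
        # Continuation of a datagram: these bytes are payload, not a
        # TCP/UDP header, so there is no port to report (not "port 0").
        return ("non-initial-fragment", None, None)
    if len(packet) < ihl + 4:
        return ("truncated", None, None)
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    if sport == 0 or dport == 0:
        return ("real-port-0", sport, dport)
    return ("first-fragment" if more_fragments else "unfragmented", sport, dport)

def ipv4(proto, flags_frag, payload):
    """Build a constructed 20-byte IPv4 header (checksum left 0) + payload."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234,
                       flags_frag, 64, proto, 0,
                       bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])) + payload

# Constructed sample packets (documentation addresses, arbitrary payloads).
UDP_HDR = struct.pack("!HHHH", 53000, 53, 24, 0)
SAMPLES = {
    "whole_udp": ipv4(17, 0x0000, UDP_HDR + b"A" * 16),
    "first_frag": ipv4(17, 0x2000, UDP_HDR + b"A" * 8),
    "later_frag": ipv4(17, 0x0002, b"B" * 8),   # offset 2 * 8 = 16 bytes
    "tcp_port0": ipv4(6, 0x0000, struct.pack("!HH", 40000, 0) + b"\x00" * 16),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:12s} {classify(pkt)}")
```

Labelling the later fragment explicitly, instead of storing 0 in the port fields, keeps it out of any "port 0" count in flow reports.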


