On 09/04/98 00:12:22 you wrote:
I thought this follow-up (to a thread from several months ago) might be interesting for people at sites that stress time synchronization.
Daniel Quinlan quinlan@transmeta.com wrote:
To prevent it from happening again, we're remotely monitoring the system time of the adminhost (using "mon") to make sure it doesn't drift off again. Incidentally, there seems to be no way to remotely query the system time from a NetApp (except by creating a new file and running stat() on it, or by using unsupported/hidden commands).
So, I started monitoring the time with the kludgey method of creating a file and using stat() on it. I wasn't very happy with that method because it tended to give false alerts, so I eventually disabled it.
Earlier this week, we had another problem with time synchronization. It wasn't actually the NetApp, but I still had to rule it out because it wasn't being monitored. I tried port-scanning a NetApp, looking for some hidden protocol that might let me reliably query the time. Here's what I found:
port tcp udp
23 telnet - 80 http -111 sunrpc sunrpc 137 - netbios-ns 138 - netbios-dgm 139 netbios-ssn - 161 - snmp 514 shell syslog 520 - route 602 - unknown 603 unknown - 604 - unknown 605 unknown - 606 - unknown 607 unknown - 608 - unknown 609 unknown - 618 - unknown 619 - unknown 620 unknown - 1063 - unknown 2049 nfs nfs 10000 unknown -
A lot of unknown services (ones not listed in /etc/services, some are probably NDMP.
I thought the 600 ports were for rsh, but by they alternate between TCP and UDP, and aren't contiguous, I don't know.
I have no idea what 10000 is for.
Bruce
+----- On Fri, 04 Sep 1998 03:26:31 CDT, writes: [...] | > 602 - unknown | > 603 unknown - | > 604 - unknown | > 605 unknown - | > 606 - unknown | > 607 unknown - | > 608 - unknown | > 609 unknown - | > 618 - unknown | > 619 - unknown | > 620 unknown - | > 1063 - unknown | > 2049 nfs nfs | > 10000 unknown - | > | >A lot of unknown services (ones not listed in /etc/services, some are | >probably NDMP. | | I thought the 600 ports were for rsh, but by they alternate | between TCP and UDP, and aren't contiguous, I don't know. | | I have no idea what 10000 is for.
ftp://ftp.isi.edu/in-notes/iana/assignments/port-numbers is always a good place to start:
urm 606/tcp Cray Unified Resource Manager urm 606/udp Cray Unified Resource Manager nqs 607/tcp nqs nqs 607/udp nqs # Bill Schiefelbein schief@aspen.cray.com sift-uft 608/tcp Sender-Initiated/Unsolicited File Transfer sift-uft 608/udp Sender-Initiated/Unsolicited File Transfer # Rick Troth troth@rice.edu npmp-trap 609/tcp npmp-trap npmp-trap 609/udp npmp-trap
# Christopher Durham chrisdu@sco.com dei-icda 618/tcp DEI-ICDA dei-icda 618/udp DEI-ICDA # David Turner digital@Quetico.tbaytel.net digital-evm 619/tcp Digital EVM digital-evm 619/udp Digital EVM # Jem Treadwell jem@unx.dec.com sco-websrvrmgr 620/tcp SCO WebServer Manager sco-websrvrmgr 620/udp SCO WebServer Manager
I doubt that these are correct though and I suggest that you use rpcinfo to see if these ports are attached to an rpc (they are here).
# Anoop Tewari anoop@next.distinct.com ndmp 10000/tcp Network Data Management Protocol ndmp 10000/udp Network Data Management Protocol
/Michael
On 09/04/98 00:12:22 you wrote:
10000 unknown -
A lot of unknown services (ones not listed in /etc/services, some are probably NDMP.
I thought the 600 ports were for rsh, but by they alternate between TCP and UDP, and aren't contiguous, I don't know.
I have no idea what 10000 is for.
NDMP.
Sm
I thought the 600 ports were for rsh, but by they alternate between TCP and UDP, and aren't contiguous, I don't know.
TCP port 514 is for "rsh":
port tcp udp
...
514 shell syslog
The 600 ports you see are probably for ONC RPC services other than the one officially assigned a port because ONC doesn't work if you don't give it a well-known port (i.e., portmapper/rpcbind, port 111) and the one that could, in theory, use any port, but always gets a fixed port in practice and the spec for version 3 of which says "use port 2049" (NFS).
Try "rpcinfo -p" against the server, to see what ports various ONC RPC services were assigned. No guarantees that a given service will get the same port every time it's started.
-
guy@netapp.com -
Michael Salmon -
sirbruce@ix.netcom.com -
stephen@netapp.com