Dynamic TCP Port: gt 1024 or gt 1023?
Hugo Caye
When editing an access-list to permit these dynamic TCP
ports established to come in, which one command will be the
correct?
access-list 101 permit tcp any any gt 1023
established
access-list 101 permit tcp any any gt 1024
established
The "gt" operand is only "greater than" or is
"greater or equal than".
In all the examples that I read, it's allways "gt
1024". Would it be "gt 1023"?
Looking at
http://www.isi.edu/in-notes/iana/assignments/port-numbers
the TCP 1024 port is Reserved...
Hugo Caye
O__ ----
c/ /'_ ---
(*) \(*) --
~~~~~~~~
mcse ccda
mcneł cip
Barry Margolin
Hugo Caye <Hu...@micmac.com.br> wrote:
> The dynamic TCP ports range is from 1024 to 65535.
>When editing an access-list to permit these dynamic TCP
>ports established to come in, which one command will be the
>correct?
>
> access-list 101 permit tcp any any gt 1023
>established
> access-list 101 permit tcp any any gt 1024
>established
We use "gt 1023".
In practice, it probably doesn't matter a whole lot, since most OS's
actually start assigning ephemeral ports much higher than this, e.g. 32268.
--
Barry Margolin, bar...@bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Don't bother cc'ing followups to me.
AtheneYC
Hugo Caye wrote in message <9144545...@news.Colorado.EDU>...
> The dynamic TCP ports range is from 1024 to 65535.
>When editing an access-list to permit these dynamic TCP
>ports established to come in, which one command will be the
>correct?
>
> access-list 101 permit tcp any any gt 1023
>established
> access-list 101 permit tcp any any gt 1024
>established
>
> The "gt" operand is only "greater than" or is
>"greater or equal than".
> In all the examples that I read, it's allways "gt
>1024". Would it be "gt 1023"?
> Looking at
>http://www.isi.edu/in-notes/iana/assignments/port-numbers
>the TCP 1024 port is Reserved...
>
> Hugo Caye
>
>O__ ----
>c/ /'_ ---
>(*) \(*) --
>~~~~~~~~
>mcse ccda
>mcne?cip
>