Why is the BGP based on TCP 1027 rather than 179?

Score: 5

Why is the BGP foreign address port 1027?



I use BGP to connect Router1 and Router2, but when I show the TCP progress:



Router1>show tcp brief
TCB       Local Address      Foreign Address     (state)
4E976890  10.0.0.1.179       10.0.0.2.1027       ESTABLISHED

We say the BGP is based on TCP port 179. Why is Router2's BGP on port 1027?

cisco router bgp

edited Nov 26 at 10:09 by jonathanjo
asked Nov 26 at 9:43 by three-blocks

3 Answers

Score: 9, accepted

One side of the connection will have an arbitrary port number, the other will be on 179.

Cisco Press "BGP Fundamentals" has a good explanation (link)

the neighbor with the higher IP address manages the connection. The router initiating the request uses a dynamic source port, but the destination port is always 179.

Example 1-1 shows an established BGP session using the command show tcp brief to display the active TCP sessions between routers. Notice that the TCP source port is 179 and the destination port is 59884 on R1, and the ports are opposite on R2.

Example 1-1: Established BGP session

RP/0/0/CPU0:R1# show tcp brief | exc "LISTEN|CLOSED"
PCB         VRF-ID      Recv-Q  Send-Q  Local Address   Foreign Address   State
0x088bcbb8  0x60000000  0       0       10.1.12.1:179   10.1.12.2:59884   ESTAB

R2# show tcp brief
TCB       Local Address     Foreign Address   (state)
EF153B88  10.1.12.2.59884   10.1.12.1.179     ESTAB

This is just the same as any other TCP connection: the passive open side sits and waits on a well-known port number; the active open side uses an arbitrary port. This makes it much easier to manage many-to-many TCP links.

edited Nov 26 at 10:06
answered Nov 26 at 9:58 by jonathanjo

• What's the correct way to protect these random ports in iptables?
  – bswinnerton, Dec 1 at 16:57
• Question is about Cisco routers, what are you wanting to protect with iptables?
  – jonathanjo, Dec 1 at 17:39
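
As an added illustration (not part of the answers or comments above, and not Cisco's code): a small Python parser that reads `show tcp brief` output in both the IOS (`addr.port`) and IOS XR (`addr:port`) formats shown on this page and reports which side performed the active open of each BGP session. The neighbor set and the extra sample line are constructed assumptions, used to show that a session is identified by the peer address and port 179, never by the ephemeral port.

```python
import re

BGP_PORT = 179

# One IPv4 endpoint as printed by "show tcp brief":
# IOS writes addr.port, IOS XR writes addr:port.
ENDPOINT = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3})[.:](\d{1,5})$")


def parse_sessions(output):
    """Return (local, foreign, state) for every connection line."""
    sessions = []
    for line in output.splitlines():
        tokens = line.split()
        ends = [m for m in map(ENDPOINT.match, tokens) if m]
        if len(ends) != 2:
            continue  # prompt, header or blank line
        local, foreign = [(m.group(1), int(m.group(2))) for m in ends]
        sessions.append((local, foreign, tokens[-1]))
    return sessions


def bgp_role(local, foreign):
    """Role of the local router in a BGP session, or None if not BGP."""
    if local[1] == BGP_PORT and foreign[1] != BGP_PORT:
        return "passive"  # this router listened on 179, the peer connected
    if foreign[1] == BGP_PORT and local[1] != BGP_PORT:
        return "active"   # this router connected from an ephemeral port
    return None           # not a BGP session, or ambiguous (both ports 179)


def unexpected_bgp_peers(output, neighbors):
    """Foreign addresses in BGP sessions that are not in `neighbors`
    (a hypothetical set of configured neighbor addresses)."""
    return sorted({foreign[0]
                   for local, foreign, _ in parse_sessions(output)
                   if bgp_role(local, foreign) and foreign[0] not in neighbors})


# Router1 output from the question.
ROUTER1 = """Router1>show tcp brief
TCB Local Address Foreign Address (state)
4E976890 10.0.0.1.179 10.0.0.2.1027 ESTABLISHED"""

# R1 (IOS XR) and R2 (IOS) output from the quoted Example 1-1,
# with the stray space in R2's local endpoint removed.
R1_XR = """PCB VRF-ID Recv-Q Send-Q Local Address Foreign Address State
0x088bcbb8 0x60000000 0 0 10.1.12.1:179 10.1.12.2:59884 ESTAB"""
R2_IOS = """TCB Local Address Foreign Address (state)
EF153B88 10.1.12.2.59884 10.1.12.1.179 ESTAB"""

# Constructed sample: one extra session to port 179 from a non-neighbor.
CONSTRUCTED = ROUTER1 + "\n4E9770A0 10.0.0.1.179 192.0.2.50.40211 ESTABLISHED"

if __name__ == "__main__":
    for name, text in [("Router1", ROUTER1), ("R1", R1_XR), ("R2", R2_IOS)]:
        for local, foreign, state in parse_sessions(text):
            print(name, local, foreign, state, bgp_role(local, foreign))
    print(unexpected_bgp_peers(CONSTRUCTED, {"10.0.0.2"}))
```
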


















Score: 4

TCP source vs. destination ports.

To give a different example: HTTP servers listen on TCP port 80. So when you are connecting to a web server, you will automatically use TCP/80 as the destination port. However, the source port is a random one above 1024.

The exact same thing happens with BGP - the client (the router initiating the connection) will connect to TCP destination port 179. But the source port for that connection will be a random high port.

answered Nov 26 at 14:45 by Bogd

Score: 2

In general, BGP uses TCP port 179 as the BGP service port. For the client connecting to the BGP service port, there is no limit.

Likewise, the SSH server uses 22 as its port, and there is no limit for the client port.

answered Nov 26 at 9:53 by aircraft