Do you have a hard time remembering all those port-numbers? Most of them are probably burned-in to the back of your head. But some of them can be hard remembering. For me for instance, I can never remember which port BGP uses. The problem is that when doing your CCIE-lab you have no access to your best friend; Google.
The solution? Use the PAM-table in the routers. This port-to-application-mapping is used for inspection engines that need to know which ports to inspect when doing http inspection as an example. This table can be tweaked but the default mapping can give you a huge load of information about most protocol. The command is “show ip port-map”:
r1#sh ip port-map
Default mapping: snmp udp port 161 system defined
Default mapping: echo tcp port 7 system defined
Default mapping: echo udp port 7 system defined
Default mapping: telnet tcp port 23 system defined
Default mapping: wins tcp port 1512 system defined
Default mapping: n2h2server tcp port 9285 system defined
Default mapping: n2h2server udp port 9285 system defined
Default mapping: nntp tcp port 119 system defined
Default mapping: pptp tcp port 1723 system defined
Default mapping: rtsp tcp port 554,8554 system defined
Default mapping: bootpc udp port 68 system defined
Default mapping: gdoi udp port 848 system defined
r1#
The table is quite extensive so I recommend piping the output to find what you are looking for. Like this…
BGP?
r1#sh ip port-map | incl bgp
Default mapping: bgp tcp port 179 system defined
r1#
These Netbios-ports. Which is which?
r1#sh ip port-map | incl netbios
Default mapping: netbios-dgm udp port 138 system defined
Default mapping: netbios-ssn tcp port 139 system defined
Default mapping: netbios-ns udp port 137 system defined
r1#
And finally, what is that udp/520-traffic that shows up in my logs?
r1#sh ip port-map | incl 520
Default mapping: router udp port 520 system defined
r1#
(Well. It would have been clearer if they just said “RIP” instead of “router”, but you get the point…)
