[c-nsp] Catalyst 4500 listening on TCP 6154 on all interfaces

frederic.jutzet at sig-telecom.net frederic.jutzet at sig-telecom.net
Thu May 3 00:52:46 EDT 2018 

Hi,

We have Cat 4500 series on SUP7L-E with IOS/XE 03.06.02.E/152(2).E2
which have TCP port 6154 listening on all interfaces.

Any idea what it could be ?

#show tcp brief all
TCB       Local Address               Foreign Address             (state)
...
5A529430  0.0.0.0.6154        <<<<<<<<<<<<<<<<


#show tcp tcb 5A529430
Connection state is LISTEN, I/O status: 1, unread input bytes: 0           
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 255
Local host: 0.0.0.0, Local port: 6154
Foreign host: UNKNOWN, Foreign port: 0
Connection tableid (VRF): 1
Maximum output segment queue size: 50

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0xF58354):
Timer          Starts    Wakeups            Next
Retrans             0          0             0x0
TimeWait            0          0             0x0
AckHold             0          0             0x0
SendWnd             0          0             0x0
KeepAlive           0          0             0x0
GiveUp              0          0             0x0
PmtuAger            0          0             0x0
DeadWait            0          0             0x0
Linger              0          0             0x0
ProcessQ            0          0             0x0

iss:          0  snduna:          0  sndnxt:          0
irs:          0  rcvnxt:          0

sndwnd:      0  scale:      0  maxrcvwnd:   4128
rcvwnd:   4128  scale:      0  delrcvwnd:      0

SRTT: 0 ms, RTTO: 2000 ms, RTV: 2000 ms, KRTT: 0 ms
minRTT: 60000 ms, maxRTT: 0 ms, ACK hold: 200 ms
uptime: 0 ms, Sent idletime: 0 ms, Receive idletime: 0 ms
Status Flags: gen tcbs
Option Flags: VRF id set, keepalive running, nagle, Reuse local address
  Retrans timeout
IP Precedence value : 0

Datagrams (max data segment is 516 bytes):
Rcvd: 0 (out of order: 0), with data: 0, total data bytes: 0
Sent: 0 (retransmit: 0, fastretransmit: 0, partialack: 0, Second
Congestion: 0), with data: 0, total data bytes: 0

 Packets received in fast path: 0, fast processed: 0, slow path: 0
 fast lock acquisition failures: 0, slow path: 0
TCP Semaphore      0x5BEB9B10  FREE





(The command "show control-plane host open-ports" is not available on
this platform/code)



I also think that if it would be a local socket for internal process
communication, it would be 127.0.0.1:6154 instead of 0.0.0.0:6154.
So this is listening on all interfaces, virtuals and physicals and seam
not to be for internal internal process communication.


Fred

More information about the cisco-nsp mailing list