On 04/23/10 20:01, Chris MacDermaid wrote:
> Mike,
>
> Port 111 is the sunrpc port. This is also known as the portmapper because
> it provides a mapping between available services and their ports.
>
> Port 111 isn't needed for LDM. From what I understand, an LDM client
> first tries to connect to port 388. If that fails the client then tries
> to connect using the portmapper service on port 111. In your case, it
> appears the connection on port 388 is failing for some reason.

The port-mapping part of Remote Procedure Call was an idea from the
1980s/1990s where, rather than being limited to TCP and UDP ports (64k of
each) -- which were rapidly being eaten up with "known" services at the
time -- you could just have a port mapper that would accept a connection on
a single port (111), look at the requested service number (see /etc/rpc for
examples), and then assign the connection a random port. Given that there
were potentially thousands or millions of procedures that you might want to
call on other systems, this was sort of mandatory.

NFS works this way and is still the bane of administrators. :-)
Fortunately, most distributions allow you to "pin" the various NFS-related
services to a specific port to make firewall configs simpler.

RPC, the whole thing, is still interesting, in that it allows exactly what
it says: calling a procedure on a remote system. Lots more detail about
RPC in Wikipedia but you'll also read that it's been mostly obsoleted by
other, similar protocols.

As noted, the default for LDM is now to use 388/tcp and 388/udp and only
use RPC (service 300029!) as a fall-back.

It's probably worth considering making it a compile-time or run-time option
to disable RPC entirely since most LDM servers don't seem to use it.

--
Peter Laws / N5UWY
National Weather Center / Network Operations Center
University of Oklahoma Information Technology
plaws@xxxxxx
-----------------------------------------------------------------------
Feedback? Contact my director, Craig Cochell, craigc@xxxxxx. Thank you!
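
An added example, not part of the original messages and not LDM's own code: the portmapper version 2 GETPORT lookup (RFC 1833) that a client falling back to port 111 would send for RPC program 300029, built and decoded as raw ONC RPC/XDR messages. The LDM protocol version (6) is an assumption, and the reply bytes are constructed sample data rather than captured traffic.

```python
import struct

PMAP_PROG, PMAP_VERS, PMAPPROC_GETPORT = 100000, 2, 3  # portmapper v2, RFC 1833
LDM_PROG = 300029      # RPC program number quoted in the message
LDM_VERS = 6           # assumption: LDM 6 protocol version
IPPROTO_TCP = 6
CALL, REPLY, MSG_ACCEPTED, SUCCESS = 0, 1, 0, 0


def build_getport(xid, prog=LDM_PROG, vers=LDM_VERS, prot=IPPROTO_TCP):
    """UDP payload of a GETPORT call (TCP would add a 4-byte record mark)."""
    header = struct.pack(">6I", xid, CALL, 2, PMAP_PROG, PMAP_VERS,
                         PMAPPROC_GETPORT)          # 2 = ONC RPC version
    auth_none = struct.pack(">2I", 0, 0)            # AUTH_NONE, empty body
    mapping = struct.pack(">4I", prog, vers, prot, 0)  # port unused in a call
    return header + auth_none * 2 + mapping         # credential + verifier


def parse_getport_reply(data, expected_xid):
    """Return the registered port, or None when the program is unregistered."""
    try:
        xid, mtype, reply_stat = struct.unpack_from(">3I", data, 0)
        if xid != expected_xid or mtype != REPLY:
            raise ValueError("not a reply to this call")
        if reply_stat != MSG_ACCEPTED:
            raise ValueError("call rejected by the server")
        _flavor, vlen = struct.unpack_from(">2I", data, 12)
        off = 20 + ((vlen + 3) & ~3)                # verifier body is 4-byte padded
        (accept_stat,) = struct.unpack_from(">I", data, off)
        if accept_stat != SUCCESS:
            raise ValueError(f"accept_stat {accept_stat}")
        (port,) = struct.unpack_from(">I", data, off + 4)
    except struct.error as exc:
        raise ValueError("truncated RPC reply") from exc
    return port or None                             # port 0 means "not registered"


# Constructed sample replies (not captured traffic): xid 0x1234, accepted,
# AUTH_NONE verifier, SUCCESS, then the port number.
SAMPLE_REGISTERED = struct.pack(">7I", 0x1234, REPLY, MSG_ACCEPTED, 0, 0, SUCCESS, 388)
SAMPLE_UNREGISTERED = struct.pack(">7I", 0x1234, REPLY, MSG_ACCEPTED, 0, 0, SUCCESS, 0)

if __name__ == "__main__":
    print(build_getport(0x1234).hex())
    print(parse_getport_reply(SAMPLE_REGISTERED, 0x1234))
```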