[1742] in Kerberos
Re: Official port number for kerberos server?
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Tue Jan 28 00:26:44 1992
Date: Mon, 27 Jan 92 23:50:36 -0500
From: tytso@Athena.MIT.EDU (Theodore Ts'o)
To: sjogren@TGV.COM
Cc: kerberos@Athena.MIT.EDU, tivoli!stic@shelby.MIT.EDU
In-Reply-To: Sam Sjogren's message of Mon, 27 Jan 92 18:16:27 PST,
Reply-To: tytso@Athena.MIT.EDU
Date: Mon, 27 Jan 92 18:16:27 PST
From: sjogren@TGV.COM (Sam Sjogren)
> Is there an official port number assigned to the Kerberos server? If
> not, is there a range recommended for it? Thanks.
SERVICE : TCP : 543 : KLOGIN :
SERVICE : TCP : 544 : KSHELL :
SERVICE : TCP : 750 : KERBEROS,KDC :
SERVICE : UDP : 750 : KERBEROS,KDC :
SERVICE : TCP : 752 : KRB_PROP :
Actually...... it turns out that port 750 was never officially assigned
to Kerberos, and in fact port 750 is reserved for the rfile and loadav
services. This was only noticed as we were preparing the Kerberos V5
RFC. The new reserved port for Kerberos (which was only assigned this
weekend) is port 88.
The current plan is that we will require in the RFC that Kerberos KDC's
to listen to the old port of 750 as well as the Kerberos port 88, and
get all the clients converted over to port 88 ASAP. This will be easy
to do for the V5 case since there should be few, if any, production
servers. For V4, this will be a bit trickier, since there quite a few
deployed servers out there, especially if you count the Kerberos servers
embedded in AFS cells. Probably the thing to do is to urge vendors to
modify their KDC's to listen on both port 88 and port 750. Since it
will take a while for this to happen, it probably wouldn't make sense to
move clients over to port 88 for the time being.
- Ted
