PingPlotter port use
I need to configure my firewall to not block PingPlotter data. Which ports do I need to open?
PingPlotter's port use varies depending on the packet type. We'll discuss the 3 primary packet types and the ports / protocols they use so you can configure your firewall to allow PingPlotter access.
ICMP packets do not use ports at all - ports are an attribute of both the UDP and TCP packet types, which are peers to ICMP. The packet type itself defines how it behaves, and ICMP functions without the need for ports.
Outgoing packets use ICMP echo requests (type 8). Returning packets use ICMP echo replies (type 0) and ICMP time exceeded (type 11), TTL expired in transit (sub-type/code 0).
- Outgoing: ICMP type 8 (echo request)
- Returning: ICMP type 0 (echo reply) and ICMP type 8 (sub-type 0), ICMP TTL expired in transit.
UDP Packet Type
UDP packets do use ports for outgoing - in a range from 33434 to roughly 33500. Response packets are similar to the ICMP type - where the intermediate hops use ICMP time exceeded (type 11, sub-type/code 0). The final destination response back with an ICMP Port Unreachable, though, rather than the echo reply of ICMP type.
- Outgoing: UDP Port 33434 to 33500
- Returning: ICMP type 3 sub-type 3, ICMP TTL expired in transit type 8 sub-type 0.
TCP Packet Types
The TCP packet type adds another capability - a reply type that isn't ICMP. The outgoing port is totally defined by you, the user, but most people use port 80 for outgoing requests. The reply is the other half of the TCP connect protocol (not ICMP!). Intermediate hops return the same data that the other packet types do - ICMP type 8, sub-type 0.
- Outgoing: TCP SYN - port 80 (or whatever port you specify)
- Returning: TCP ACK for final destination, ICMP TTL expired in transit type 8 sub-type 0.