1. Ports
  2. Port 2603

Port 2603: Service Meter (IANA) / RIPng Daemon VTY (Quagga)

What IANA Says

IANA registered port 2603 under the name servicemeter — listed as "Service Meter" on both TCP and UDP. No RFC. No documentation. No organization claiming it. The registration exists, but what "Service Meter" was meant to do has been lost to time.1

In practice, this port belongs to something else entirely.

What Actually Runs Here

Port 2603 is the virtual terminal (VTY) port for ripngd — the RIPng routing daemon in Quagga and its successor, FRRouting (FRR).

RIPng is the IPv6 adaptation of the Routing Information Protocol, defined in RFC 2080. Where RIPv2 routes IPv4 traffic, RIPng routes IPv6. The ripngd daemon implements this protocol on Linux-based routers, and port 2603 is how administrators connect to configure and inspect it — a telnet-style management shell for the daemon itself.

The Quagga Port Sequence

Port 2603 doesn't stand alone. Quagga assigned a consecutive block of ports to its routing daemons, each one getting its own door:

PortDaemonProtocol
2600zebrasrvZebra server
2601zebraZebra VTY
2602ripdRIPv2 VTY
2603ripngdRIPng VTY
2604ospfdOSPFv2 VTY
2605bgpdBGP VTY
2606ospf6dOSPFv3 VTY

This is informal but consistent. No IANA registration for most of these — just a routing software suite that needed somewhere to put its management interfaces and picked a tidy sequential block.2

What Range This Port Belongs To

Port 2603 is a registered port (range 1024–49151). These ports are intended for services registered with IANA, but registration is voluntary and enforcement is nonexistent. The result: official IANA assignments and informal software conventions coexist in the same space, sometimes on the same port number. Port 2603 is a clean example of that tension.

Security Considerations

If you find port 2603 open on a machine, you may be looking at a Quagga or FRRouting installation with its ripngd VTY exposed. The VTY interface is a configuration shell — access to it means access to routing table manipulation. It should never be reachable from untrusted networks.

The VTY interface supports password protection, but historically Quagga deployments have shipped with weak or no passwords. If you see 2603 open on a device you manage, verify it's intentional and locked down.

How to Check What's Listening

# Linux - show what's on port 2603
ss -tlnp | grep 2603

# macOS
lsof -i :2603

# Check from outside the machine (requires nmap)
nmap -p 2603 <host>

If you see ripngd in the output, you have a Quagga/FRR installation. If you see something else, investigate — the "servicemeter" registration doesn't tell you much.

পূর্ববর্তী

Port 2602: ripd VTY — The Routing Daemon's Back Door

পরবর্তী

Port 2604: OSPFd VTY — The OSPF daemon's back door

এই পৃষ্ঠাটি কি সহায়ক ছিল?

😔
🤨
😃