Port 1997: Cisco Gateway Discovery Protocol — A registered port with a quiet history

Port 1997 belongs to the registered ports range (1024-49151). These ports are assigned by IANA upon request from vendors and developers, but unlike the well-known ports below 1024, they don't require elevated privileges to use. They're the middle ground of the port world: official enough to have names, obscure enough that most people never encounter them.

This one has a name: gdp-port, registered to Cisco's Gateway Discovery Protocol.

What Gateway Discovery Protocol Did

GDP was a Cisco proprietary protocol designed to solve a specific problem: how does a host know which routers are available on its network?

Before a host can send traffic off its local segment, it needs a default gateway — a router to hand packets to. Normally, this is configured manually or assigned via DHCP. GDP offered a third way: let hosts listen on port 1997 and dynamically discover when routers came online or went offline.

The idea was sound. If a router fails, hosts shouldn't need a human to reconfigure them. GDP would let them detect the loss and potentially find an alternative. It used both TCP and UDP on port 1997.¹

Why You Won't Find It Running

GDP is a relic. The networking industry solved router discovery in other ways: HSRP, VRRP, and GLBP provide router redundancy at the protocol level. IPv6 built neighbor discovery into the core specification. The problem GDP tried to solve was solved better, and GDP quietly disappeared from active use.

The IANA registration remains. The port sits assigned, like a parking spot with someone's name on it but no car in sight.

Also Observed: Chizmo Networks Transfer Tool

Port 1997 also appears in some databases associated with a application called "Chizmo Networks Transfer Tool." This is a historical application-layer entry with limited documentation — not something you'd find on a modern network.²

What's Actually on Port 1997 Today

On a typical modern machine or network device, nothing. But if you want to check:

Linux/macOS:

# See what's listening on port 1997
ss -tlnp | grep 1997
# or
lsof -i :1997

Windows:

netstat -ano | findstr :1997

If something shows up, it's almost certainly a custom application or misconfiguration — not GDP.

Why Unassigned (and Forgotten) Ports Matter

The registered port range has thousands of entries like this: protocols that made sense at the time, got assigned a number, and then lost the evolutionary race. They matter for a few reasons:

Security scanning — Port scanners check these ranges. An unexpected listener on an obscure registered port is worth investigating.

Conflict avoidance — Developers choosing ports for new applications should check IANA's registry. Port 1997 is taken, even if nothing's using it.

Historical record — The port registry is a fossil record of networking's evolution. GDP tells you something about how Cisco thought about network resilience in the 1990s, before the industry converged on better solutions.