How to Check if a Port is Open on RedHat/CentOS: Testing SLP (Port 427) for Multicast UDP Traffic


2 views

When working with Service Location Protocol (SLP) on RedHat/CentOS systems, verifying port availability becomes particularly tricky because:

  • SLP operates on UDP port 427 (by default)
  • Traditional TCP-based testing methods won't work
  • Multicast traffic has different routing behaviors than unicast

Here are the most effective methods to verify port 427 status:

# Check listening UDP ports
sudo netstat -tulnp | grep 427
# Or using ss (modern alternative)
sudo ss -ulnp | grep 427
# For RHEL 8+/CentOS 8+:
sudo lsof -i :427

Since telnet only works for TCP, we need specialized tools:

# Install nc (netcat) if not present
sudo yum install nmap-ncat

# Test UDP port connectivity
nc -zv -u localhost 427
# For remote testing (replace 192.168.1.100 with your IP)
nc -zv -u 192.168.1.100 427

For SLP specifically, we need to verify multicast group membership:

# Check multicast routing table
route -n | grep 224.0.0

# Verify interface supports multicast
ip link show | grep MULTICAST

# Test multicast reception (in one terminal)
tcpdump -i eth0 port 427

# In another terminal, send test packet
echo "test" | nc -u 224.0.1.35 427

RHEL/CentOS firewall rules can block SLP traffic:

# Check firewall status
sudo firewall-cmd --list-all

# Temporarily allow SLP traffic
sudo firewall-cmd --add-port=427/udp --timeout=30s

For repeated testing, consider this bash script:

#!/bin/bash
PORT=427
TIMEOUT=2

echo "Testing UDP port $PORT..."

# Check if port is listening
if ss -uln | grep -q ":$PORT "; then
    echo "[OK] Port $PORT is listening"
else
    echo "[FAIL] Port $PORT not listening"
    exit 1
fi

# Test connectivity
if nc -zv -u 127.0.0.1 $PORT &>/dev/null; then
    echo "[OK] Local connectivity confirmed"
else
    echo "[WARN] Local connectivity test failed"
fi

# Multicast test
echo "Starting multicast test (CTRL+C to stop)..."
tcpdump -i any -c 5 port $PORT &
sleep 1
echo "test" | nc -u 224.0.1.35 $PORT

If you're still having problems with SLP implementation:

  • Verify /etc/slp.conf configuration
  • Check slpd daemon status: systemctl status slpd
  • Test with slptool if installed
  • Consider packet capture: tcpdump -i eth0 -nn -v port 427

When implementing Service Location Protocol (SLP) as defined in RFC 2608, verifying port availability is crucial. SLP typically uses UDP port 427 for multicast operations, which presents unique testing challenges compared to TCP ports.

Red Hat-based systems (including CentOS) provide several powerful network diagnostic tools:


# Check installed networking tools
rpm -q nmap nc net-tools lsof

For SLP implementation testing, these methods work best:

Method 1: Using netcat (nc)


# As a listener (on the target machine):
nc -ul 427

# As a sender (from another machine):
echo "test" | nc -u target_ip 427

Method 2: Using ss (socket statistics)


# Check for listening UDP ports
ss -ulnp | grep 427

# Expanded view with process info
ss -ulnp | grep -E 'State|427'

Don't forget to check firewall rules as they might silently drop packets:


# Check firewall rules for UDP 427
sudo firewall-cmd --list-all | grep 427
sudo iptables -L -n -v | grep 427

# Temporary allow (if needed)
sudo firewall-cmd --add-port=427/udp --permanent
sudo firewall-cmd --reload

For comprehensive SLP multicast testing:


# Join multicast group and listen
socat UDP4-RECV:427,ip-add-membership=224.0.1.22:0.0.0.0 -

When basic tools aren't available:


# Using Python for quick port check
python3 -c "import socket; s=socket.socket(socket.AF_INET,socket.SOCK_DGRAM); s.bind(('',427)); print('Listening on UDP 427')"

Key indicators of success:

  • ss/nc shows the port in LISTEN state
  • No firewall rules blocking the port
  • Multicast traffic appears when using packet capture

For packet-level verification, consider using tcpdump simultaneously:


sudo tcpdump -i any port 427 -vv