With the introduction of Control Plane Policing features (available from 12.3(4)T), you can easily inspect all the open ports (servers and clients) on a router with the show control-plane host open-ports command, resulting in a printout very similar to the netstat -a printout on a Unix/Windows workstation.For example, on the router where I've configured BGP, HTTP server, NTP and DHCP, this command produces the following output (a session to a BGP neighbor as well as a telnet session was established):
R1#show control-plane host open-ports
Active internet connections (servers and established)
Prot Local Address Foreign Address Service State
tcp *:23 *:0 Telnet LISTEN
tcp *:80 *:0 HTTP CORE LISTEN
tcp *:179 *:0 BGP LISTEN
tcp *:179 10.0.7.2:43962 BGP ESTABLIS
tcp *:23 10.0.7.2:18036 Telnet ESTABLIS
udp *:67 *:0 DHCPD Receive LISTEN
udp *:68 *:0 BootP client LISTEN
udp *:123 *:0 NTP LISTEN
- This show command does not display non-TCP/UDP servers (OSPF, EIGRP, RSVP) or even some UDP-based services (RIP).
- Although I was considering writing about CPP for a long time, Artur Szymanski was the one that brought this command to my attention. Thanks!