Douglas,

I think a fairly easy thing to do is see what other large retail ISPs have done. Comcast, as an example, lists all of the ports they block and 0 is blocked. I do recommend that port 0 be blocked by all of the ISPs I work with and frankly Comcast's list is a pretty good one to use in general, though you will get some pushback on things like SMTP.

https://www.xfinity.com/support/articles/list-of-blocked-ports

Transit providers are a little bit different, but then again port 0 is also different since AFAIK it's never had a legitimate use case. It's always been a reserved port. I'd personally block it if I ran a transit, but I'd be more willing to open it up for one of my large customers (in a limited way) than I would on the retail side.

https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml

Scott Helms

On Tue, Aug 25, 2020 at 7:16 AM Douglas Fischer <fischerdouglas@gmail.com> wrote:

I think that the subject of the e-mail is very self-explanatory.

With some analysis of what is running over our network, ISP or ITP, we will be able to see some TCP/UDP(mostly UDP) packets with source or destination to port 0.

I can think of a genuine use of it.
(Maybe someone cloud help me see what I'm not seen.)

So I have two questions:

a) Should an ISP block that Kind of traffic?
(like anti-spoofing on BNG/B-RAS)

b) Should a Transit Provider block that Kind of traffic?

--
Douglas Fernando Fischer
Engº de Controle e Automação