This document explains LPR port usage.
Resolving The Problem
The i5/OS operating system uses the Line Printer Requester (LPR) TCP-based protocol when using the Send TCP/IP Spooled File (SNDTCPSPLF or LPR) commands or when a Remote Output Queue (RMTOUTQ) has been configured with the Connection type (CNNTYPE) parameter set to *IP. LPR on an IBM System i system always uses destination port 515 for sending TCP/IP frames to the remote device or remote system (for example, an IBM Infoprint 1140 printer or another iSeries family system) and uses a source port between 256 and 1024 for receiving TCP/IP frames from the remote device or remote system.
According to the Internet Engineering Task Force (IETF) Web site, www.ietf.org/, RFC 1179 Line Printer Daemon Protocol, section 3.1 (Message formats) states that:
LPR is a TCP-based protocol. The port on which a line printer daemon listens is 515. The source port must be in the range 721 to 731, inclusive. A line printer daemon responds to commands send to its port. All commands begin with a single octet code, which is a binary number which represents the requested function. The code is immediately followed by the ASCII name of the printer queue name on which the function is to be performed. If there are other operands to the command, they are separated from the printer queue name with white space (ASCII space, horizontal tab, vertical tab, and form feed). The end of the command is indicated with an ASCII line feed character.
This indicates that the operating system should limit its source ports to between 721 and 731 rather than using ports 256 through 1024. However, this would limit the operating system to 11 Remote Output Queues (RMTOUTQs) actively running on the system at one time. The decision to use ports 256 through 1024 was based on a draft version of RFC 1179, dated 24 Sept. 1991. Section 3.1 (Message formats) in the draft version of RFC 179 states that:
LPR is a TCP-based protocol. The port on which a line printer daemon listens is 515. The source port must be less than 1024. A line printer daemon responds to commands sent to its port. The daemon may choose not to accept the connection for several reasons:
- The source port is not "trusted" (in the BSD sense of being less than 1024).
- The originating host is not permitted to use the printing facilities provided by this host.
In these cases, the daemon sends an error message and closes the connection.
The draft version of RFC 1179 states that the source port must be less than 1024, rather than between 721 and 731.
For More Information
For more information, please refer to the following documents:
N1019536: Opening Ports on a Firewall for TCP/IP Printing
N1011229: TCP/IP Ports Required for IBM i Printing
18 December 2019