RPCBind / SunRPC
What is Port 111?
Port 111 is used by RPCBind (formerly portmapper), a service that maps Remote Procedure Call (RPC) program numbers to their network port numbers. Originally developed by Sun Microsystems as part of ONC RPC, RPCBind acts as a directory service for RPC-based applications. When an RPC service starts, it registers its program number and port with RPCBind. Clients query RPCBind on port 111 to discover which port a specific RPC service is listening on. RPCBind is essential for NFS (Network File System), NIS (Network Information Service), and many other Unix/Linux services. Despite its age, RPCBind remains a core component of NFS deployments on Linux systems and is still present in many modern distributions.
Common Uses
- NFS (Network File System) service discovery
- NIS and NIS+ directory service lookups
- RPC service registration and port mapping
- Legacy Unix/Linux distributed system communication
Technical Details
Copy-paste commands to check port 111 (RPCBind / SunRPC) from your terminal
Test connectivity
nc -zv example.com 111
curl -v --max-time 5 http://example.com:111/
telnet example.com 111
nmap -p 111 -sU -sV example.com
(echo > /dev/tcp/example.com/111) 2>/dev/null && echo "open" || echo "closed"
Open port in firewall
sudo ufw allow 111/tcp
sudo iptables -A INPUT -p tcp --dport 111 -j ACCEPT
sudo firewall-cmd --permanent --add-port=111/tcp && sudo firewall-cmd --reload
Security Considerations
RPCBind has a long history of security vulnerabilities and should never be exposed to the internet. It can leak information about running services and has been used in DDoS amplification attacks. Block port 111 at the firewall for external traffic. If NFS is needed, use NFSv4 which doesn't require RPCBind. Restrict RPC services to trusted networks only.
Popular Ports Reference
The most commonly used and referenced network ports