I'm trying to make nfs firewall-friendly on a FC2 box. The init script
for nfs is nice enough to pick up a fixed port assignment for most of
the RPCs from /etc/sysconfig/nfs.

When I assign a fixed high port to rpc.statd, however, it opens not just
the port I assign it, but it also opens a random privileged udp port.
To make things more interesting, rpcinfo does not list the random port,
just the fixed port.

Why would statd need a random privileged port in addition to the fixed
port which I assign it?