Re: ip local port range

From: Bastiaan Bakker (bastiaan.bakker@lifeline.nl)
Date: Wed Jun 21 2000 - 16:47:41 EST

Next message: Andrew Pochinsky: "spinlock on Alpha ES40"
Previous message: Florian Lohoff: "Re: [2.4.0-test1-ac2] kernel oops on eject of pcmcia cards"
In reply to: David Ford: "Re: ip local port range"
Next in thread: H. Peter Anvin: "Re: ip local port range"
Reply: H. Peter Anvin: "Re: ip local port range"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

David Ford wrote:

> It's even more trivial if you do this:
>
> echo "51024 54999" > /proc/sys/net/ipv4/ip_local_port_range
>

Actually I did :

echo "net.ipv4.ip_local_port_range = 51024 54999" >> /etc/sysctl.conf
sysctl -p

Sorry I did not mention I know how to work around the default configuration. I
just feel it would be nicer if Linux does the right thing right out of the box.
The current setting leads to random failures of applications expecting to get
their reserved port. The IANA reserved port list isn't there for nothing ! ;-)

Regards,

Bastiaan

>
> -d
>
> Bastiaan Bakker wrote:
>
> > Hi,
> >
> > As has been dicussed on this list in April, Linux does not follow the
> > IANA recommendation to use port number 49152 and higher for dynamic
> > ports. Albert D. Cahalan suggested changing the current range of 1024
> > till 4999 into 51024 till 514999. David Miller said 'Ok, this needs to
> > be fixed then.' but Andi Kleen objected that the change would cause
> > problems with poorly configured packes filters.
> > Since then, it has been quiet about the topic, and the kernel has not
> > been changed.
> > I would like to argue in favour of changing the range: first, it's the
> > 'right' thing to do. Secondly, the old range generates problems with
> > applications that expect to be able to bind to 'their' port. In
> > particular, I've experienced failures with HylaFAX, because the faxmail
> > delivery agent uses port 4558, which at random times already was
> > occupied.
> > Thirdly, it's trivial to get back the old range with sysctl if you need
> > compatibilty with broken packet filters.
> > There is still time to do this IANA compliancy change now, once 2.4.0 is
> > out we have to wait until at least 2.6, which may be a rather long
> > time.
> >
> > Regards,
> >
> > Bastiaan Bakker
> > LifeLine Networks BV
> >
> > PS. could you please CC replies to me, as I'm not subscribed to the
> > list.
> >
> > -
> > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> > the body of a message to majordomo@vger.rutgers.edu
> > Please read the FAQ at http://www.tux.org/lkml/
>
> --
> "The difference between 'involvement' and 'commitment' is like an
> eggs-and-ham breakfast: the chicken was 'involved' - the pig was
> 'committed'."

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Pochinsky: "spinlock on Alpha ES40"
Previous message: Florian Lohoff: "Re: [2.4.0-test1-ac2] kernel oops on eject of pcmcia cards"
In reply to: David Ford: "Re: ip local port range"
Next in thread: H. Peter Anvin: "Re: ip local port range"
Reply: H. Peter Anvin: "Re: ip local port range"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Fri Jun 23 2000 - 21:00:22 EST