* tcp: ip_local_reserved_ports impact on inet_csk_get_port()
@ 2015-05-05 12:47 Erik Hugne
From: Erik Hugne @ 2015-05-05 12:47 UTC
To: davem, netdev; +Cc: Richard Alpe, Onar Olsen, ying.xue

Defining a port range in net.ipv4.ip_local_reserved_ports can cause a linear
and predictable behavior of inet_csk_get_port().
This occurs when

    smallest_rover = rover = prandom_u32() % remaining + low;

hits a value in the reserved range. The algorithm will then try the next
consecutive port number until a free port is found.

Example:

    net.ipv4.ip_local_port_range = 32768 61000
    net.ipv4.ip_local_reserved_ports = 35000-61000

This will give ~92% chance that the initial random port will be in the
reserved range, and that the port selection will be done linearly
starting from 32768.

Section 3.3 in RFC6056[1] describes several port selection algorithms, and Linux
seems to follow #1. This does not seem to be the best alternative since
e3826f1e946e ("net: reserve ports for applications using fixed port numbers").

If the local port range is set not to overlap with the reserved ports,
inet_csk_get_port will give a better randomness in the port selection.

//E
[1] https://tools.ietf.org/html/rfc6056
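
Added example, not part of the original message and not kernel code: a user-space C model of the selection loop described above (random start, then the next consecutive port, wrapping from high to low) that counts, for the sysctl values in the message, how many of the possible initial rover values end at a given port. The names scan_from, starts_yielding and the in_use table are assumptions of this model; the real function consults the bind hash table.

```c
#include <stdio.h>

/* Values from the message: ip_local_port_range and ip_local_reserved_ports. */
enum { LOW = 32768, HIGH = 61000, RES_LO = 35000, RES_HI = 61000 };

static unsigned char in_use[65536];   /* model only: 1 = port already bound */

static int is_reserved(int port) { return port >= RES_LO && port <= RES_HI; }

/* Linear probe from rover, wrapping HIGH -> LOW. Returns 0 if nothing is free. */
static int scan_from(int rover)
{
    int remaining = HIGH - LOW + 1;
    for (int tries = 0; tries < remaining; tries++) {
        if (!is_reserved(rover) && !in_use[rover])
            return rover;
        if (++rover > HIGH)
            rover = LOW;
    }
    return 0;
}

/* Number of possible initial rover values (LOW..HIGH) whose probe ends at
 * `port`. Walks downward so each start reuses the landing port of start+1
 * instead of re-running the probe. */
static int starts_yielding(int port)
{
    int n = 0;
    int land = scan_from(LOW);        /* landing port after wrapping past HIGH */
    for (int start = HIGH; start >= LOW; start--) {
        if (!is_reserved(start) && !in_use[start])
            land = start;             /* a free start is its own result */
        n += (land == port);
    }
    return n;
}

int main(void)
{
    int remaining = HIGH - LOW + 1;
    for (int i = 1; i <= 3; i++) {    /* three binds in a row, none released */
        int p = scan_from(RES_LO);    /* where every reserved start lands */
        int hits = starts_yielding(p);
        printf("bind %d: port %d from %d of %d starts (%.1f%%)\n",
               i, p, hits, remaining, 100.0 * hits / remaining);
        in_use[p] = 1;
    }
    return 0;
}
```

Changing the enum so the reserved range lies outside LOW..HIGH, as the last paragraph of the message suggests, makes every free port the result of its own start value plus any bound ports directly below it.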