Re: Controlling ports used by natd

From: Mike Silbersack (silby_at_silby.com)
Date: 12/23/03

    Date: Tue, 23 Dec 2003 03:19:03 -0600 (CST)
    To: Barney Wolff <barney@databus.com>
    
    

    On Tue, 23 Dec 2003, Barney Wolff wrote:

    > It is odd that libalias picks a port number, and then, if the "use sockets"
    > option is set, tries to open a socket on that port. Perhaps if the above
    > option is set, it should bind port 0 and use the port the kernel assigns.
    >
    > If folks think that's a good idea, I could produce a patch to alias_db.c
    > for evaluation.
    >
    > --
    > Barney Wolff http://www.databus.com/bwresume.pdf

    I haven't looked at libalias, but there may be some method to the madness.
    If you just ask the kernel for a source port, it can only hand out the
    portrange of ports. However, if you know your source / destination tuple
    beforehand, you may be able to get around the portrange limitation for
    your concurrent connection count.

    Now, whether or not libalias is smart enough and whether or not the kernel
    is playing along is another question entirely. I looked into ephemeral
    port allocation a few months ago, and it's an absolute nightmare to
    determine what combination of socket / bind / connect calls are necessary
    to get the best possible behavior. Hence why I gave up and enhanced
    time_wait recycling instead. :)

    Mike "Silby" Silbersack
    _______________________________________________
    freebsd-net@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-net
    To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
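
The two allocation styles discussed in this thread, as an added example that is not part of the original messages and is not libalias code: binding port 0 and reading back the kernel's choice with getsockname(), versus choosing a number first and finding out at bind() time that it is taken. The helper names `reserve_port` and `chosen_port_collides`, and the use of loopback TCP sockets, are assumptions made for illustration.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Bind a loopback TCP socket to `port` (0 = kernel picks); -1 + errno on failure. */
int reserve_port(unsigned short port, unsigned short *bound)
{
    struct sockaddr_in sin;
    socklen_t len = sizeof(sin);
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    memset(&sin, 0, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    sin.sin_port = htons(port);
    if (bind(fd, (struct sockaddr *)&sin, sizeof(sin)) < 0 ||
        getsockname(fd, (struct sockaddr *)&sin, &len) < 0) {
        int saved = errno;              /* close() may overwrite errno */
        close(fd);
        errno = saved;
        return -1;
    }
    *bound = ntohs(sin.sin_port);       /* the port the kernel actually reserved */
    return fd;
}

/* Pick-then-bind: returns 1 if binding a port that is already held fails
 * with EADDRINUSE, 0 if it unexpectedly succeeds, -1 on setup failure. */
int chosen_port_collides(void)
{
    unsigned short held = 0, again = 0;
    int a = reserve_port(0, &held);     /* stands in for a port already in use */
    if (a < 0) return -1;
    int b = reserve_port(held, &again); /* caller "picked" the same number */
    int collided = (b < 0 && errno == EADDRINUSE);
    if (b >= 0) close(b);
    close(a);
    return collided;
}

int main(void)
{
    printf("pick-then-bind collided: %d\n", chosen_port_collides());
    return 0;
}
```

With port 0 the reservation and the choice happen in one step, so the caller never holds a number it cannot bind; the cost is that the kernel only draws from its configured ephemeral range.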

