Message-ID: <408D5832.83F3B979@freebsd.org>
Date: Mon, 26 Apr 2004 20:42:58 +0200
From: Andre Oppermann
To: Mike Silbersack
Cc: cvs-src@freebsd.org, src-committers@freebsd.org, cvs-all@freebsd.org, Mike Tancsa
Subject: Re: cvs commit: src/sys/netinet in_pcb.c

Mike Silbersack wrote:
>
> On Fri, 23 Apr 2004, Mike Tancsa wrote:
>
> > Hi, thanks for this commit. I notice,
> >
> > net.inet.ip.portrange.lowfirst: 1023
> > net.inet.ip.portrange.lowlast: 600
> > net.inet.ip.portrange.first: 1024
> > net.inet.ip.portrange.last: 5000
> > net.inet.ip.portrange.hifirst: 49152
> > net.inet.ip.portrange.hilast: 65535
> > net.inet.ip.portrange.randomized: 1
> >
> >
> > How are the ranges allocated to applications ? A quick test of 30
> > sequential outbound connections to another box on port 25 shows all
> > allocations in the 1024 to 5000 range. Is this the way it is supposed to
> > be ? Also, are there any caveats about moving that range from say 4000 to
> > 20000 ?
> >
> > ---Mike
>
> The randomization is within the selected range, not randomization between
> ranges.
>
> You can change the first -> last range to anything you like, as long as
> you stay above 1024. The RFCs say to use 49152->65535, but some OSes use
> 1024->32768, some use 32768->65535, so anything you pick will be equally
> ok. :)

We should change our defaults for first/last from the very limited
space to something much larger:

net.inet.ip.portrange.first: 1024 -> 1024
net.inet.ip.portrange.last: 5000 -> 49151

At least OpenBSD has it this big for quite some time. AFAIK NetBSD too.

> Ignore the hifirst/hilast range, that's really only used by ftpd, it was a
> way to give ftpd a larger range of ports without changing first/last.

--
Andre
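An added example, not part of the thread and not FreeBSD code: a small audit of `sysctl net.inet.ip.portrange` output that reports how many ports the randomization can draw from, comparing the defaults quoted above with the proposed `last` of 49151. The function names are hypothetical and the sample input is constructed from the values quoted in the message.

```python
import math

# Constructed sample: the sysctl values quoted in the message above.
SAMPLE = """\
net.inet.ip.portrange.lowfirst: 1023
net.inet.ip.portrange.lowlast: 600
net.inet.ip.portrange.first: 1024
net.inet.ip.portrange.last: 5000
net.inet.ip.portrange.hifirst: 49152
net.inet.ip.portrange.hilast: 65535
net.inet.ip.portrange.randomized: 1
"""
PREFIX = "net.inet.ip.portrange."

def parse_sysctl(text):
    """Parse 'name: value' lines as printed by sysctl(8) into {short_name: int}."""
    values = {}
    for line in text.splitlines():
        name, sep, value = line.partition(":")
        name = name.strip()
        if sep and name.startswith(PREFIX) and value.strip().lstrip("-").isdigit():
            values[name[len(PREFIX):]] = int(value)
    return values

def audit(values):
    """Size of the first..last pool, its log2 when randomized, and findings."""
    first, last = values["first"], values["last"]
    # A range may be written high-to-low (see lowfirst/lowlast above).
    lo, hi = min(first, last), max(first, last)
    pool = hi - lo + 1
    randomized = values.get("randomized", 0) == 1
    findings = []
    if not randomized:
        findings.append("randomized=0: ports are not drawn at random from the range")
    if lo < 1024:
        # The thread's advice is to keep first..last out of the ports below 1024.
        findings.append("range starts below 1024")
    bits = math.log2(pool) if randomized else 0.0
    return {"pool": pool, "bits": bits, "findings": findings}

if __name__ == "__main__":
    current = parse_sysctl(SAMPLE)
    proposed = dict(current, last=49151)  # value proposed in the reply
    for label, vals in (("current", current), ("proposed", proposed)):
        r = audit(vals)
        print(f"{label}: {r['pool']} ports, {r['bits']:.2f} bits, {r['findings']}")
```
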