From owner-freebsd-net@FreeBSD.ORG Fri Jan 8 15:30:23 2010 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4E38B1065694 for ; Fri, 8 Jan 2010 15:30:23 +0000 (UTC) (envelope-from mahan@mahan.org) Received: from ns.mahan.org (ns.mahan.org [67.116.10.138]) by mx1.freebsd.org (Postfix) with ESMTP id 0A5FA8FC1B for ; Fri, 8 Jan 2010 15:30:22 +0000 (UTC) Received: from Gypsy.mahan.org (crowTrobot [67.116.10.140]) by ns.mahan.org (8.13.6/8.13.6) with ESMTP id o08FaBOL063553; Fri, 8 Jan 2010 07:36:11 -0800 (PST) (envelope-from mahan@mahan.org) Message-ID: <4B474F89.9020108@mahan.org> Date: Fri, 08 Jan 2010 07:30:17 -0800 From: Patrick Mahan User-Agent: Thunderbird 2.0.0.22 (X11/20090605) MIME-Version: 1.0 To: Janne Huttunen References: <4cd8d14e1001080238yfc2ee4cx6f261aa94f79a246@mail.gmail.com> In-Reply-To: <4cd8d14e1001080238yfc2ee4cx6f261aa94f79a246@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Anon port selection X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jan 2010 15:30:23 -0000 See inline - Janne Huttunen wrote: > Hi! > > The selection of anonymous port in FreeBSD seems to act > a bit weird (bug?). This was first observed on actual > use on FreeBSD 6.2, but I have verified that the it > behaves the same on a December snapshot of CURRENT too. > > 1. A process creates an UDP socket and sends a packet > from it (at which point a local port is assigned > for it). > 2. Another process creates an UDP socket, sets > SO_REUSEADDR (or SO_REUSEPORT) and sends a packet > from it (at which point a local port is assigned > for it). > > Every now and then it happens that the second process > gets the same local port as the first one. If the > second process doesn't set the socket option this > won't happen. Note however, that the first process > does not have to cooperate in any way i.e. it does > not set any options. > > Now, I'm fairly newbie when it comes to the FreeBSD > IP stack, but it seems to me that this phenomenon is > caused by the code in in_pcbconnect_setup(). If the > local port is zero the in_pcbbind_setup() is called > to select a port. That routine is called with the > local address set to the source address selected for > the outgoing packet, but when the port has been > selected, it is committed with INADDR_ANY as the > local address. Then when the second process in > in_pcbbind_setup() tries to check if the port is > already in use, it won't match the INADDR_ANY and > assigns the same port again. Well it has been almost 20 years since I first ran across this issue and was told back then that it was "as designed". I believe you will see that this only happens when INADDR_ANY is in effect. If instead you use a specific IP address as your source it should not happen. I have not had a chance to really go over the FreeBSD TCP/IP stack since the beginnings of FreeBSD back in the early 90's (we were using basically the same code for our product on a different architecture). As an example of what the person was explaining he pointed to the BIND code which expressly binds to each interface IP address instead of too INADDR_ANY to prevent snooping. I apologize if I am somewhat off base, having only re-entered playing with FreeBSD in the last few months. Patrick