From owner-freebsd-net@FreeBSD.ORG  Mon Mar  5 00:56:37 2007
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 87F0316A400
	for <freebsd-net@freebsd.org>; Mon,  5 Mar 2007 00:56:37 +0000 (UTC)
	(envelope-from silby@silby.com)
Received: from relay01.pair.com (relay01.pair.com [209.68.5.15])
	by mx1.freebsd.org (Postfix) with SMTP id 2D33C13C478
	for <freebsd-net@freebsd.org>; Mon,  5 Mar 2007 00:56:37 +0000 (UTC)
	(envelope-from silby@silby.com)
Received: (qmail 50665 invoked from network); 5 Mar 2007 00:56:34 -0000
Received: from 209.68.2.70 (HELO localhost) (209.68.2.70)
	by relay01.pair.com with SMTP; 5 Mar 2007 00:56:34 -0000
X-pair-Authenticated: 209.68.2.70
Date: Sun, 4 Mar 2007 18:56:29 -0600 (CST)
From: Mike Silbersack <silby@silby.com>
To: Peter Jeremy <peterjeremy@optushome.com.au>
In-Reply-To: <20070302234240.GA9421@turion.vk2pj.dyndns.org>
Message-ID: <20070304185441.T10411@odysseus.silby.com>
References: <20070302234240.GA9421@turion.vk2pj.dyndns.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd-net@freebsd.org
Subject: Re: TCP source port reuse problems
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Mar 2007 00:56:37 -0000


On Sat, 3 Mar 2007, Peter Jeremy wrote:

> First problem:  FreeBSD appears to be re-using source ports too
> rapidly.  My understanding is that a TCP socket ({src IP, src port,
> dst IP, dst port} tuple) should not be re-used for 120 seconds after
> teardown.  Sample tcpdumps and IPfilter whinges below show reuse
> after 66 and 83 seconds.

That's an incorrect understanding.  TIME_WAIT recycling has been in the 
BSD network stack for a long time, and Windows/Linux handle it also.

IPFilter is clearly broken if it's blocking the reuse of the port after 66 
seconds.  You should ask Darren to fix its state table.

Mike "Silby" Silbersack