From owner-freebsd-net@FreeBSD.ORG Wed Jun 2 03:41:56 2004
Return-Path: 
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 197F016A4CE for ; Wed, 2 Jun 2004 03:41:56 -0700 (PDT)
Received: from mailtoaster1.pipeline.ch (mailtoaster1.pipeline.ch [62.48.0.70]) by mx1.FreeBSD.org (Postfix) with ESMTP id 510C243D45 for ; Wed, 2 Jun 2004 03:41:55 -0700 (PDT) (envelope-from andre@freebsd.org)
Received: (qmail 93589 invoked from network); 2 Jun 2004 10:41:51 -0000
Received: from unknown (HELO freebsd.org) ([62.48.0.53]) (envelope-sender ) by mailtoaster1.pipeline.ch (qmail-ldap-1.03) with SMTP for ; 2 Jun 2004 10:41:51 -0000
Message-ID: <40BDAEEF.2AECC3F0@freebsd.org>
Date: Wed, 02 Jun 2004 12:41:51 +0200
From: Andre Oppermann 
X-Mailer: Mozilla 4.8 [en] (Windows NT 5.0; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Dmitry Pryanishnikov 
References: <20040602093940.N99493@atlantis.atlantis.dp.ua>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
cc: freebsd-net@freebsd.org
Subject: Re: net.inet.ip.portrange.randomized=1 hurts
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
List-Unsubscribe: ,
List-Archive: 
List-Post: 
List-Help: 
List-Subscribe: ,
X-List-Received-Date: Wed, 02 Jun 2004 10:41:56 -0000

Dmitry Pryanishnikov wrote:
> 
> Hello!
> 
> > Date: Tue, 1 Jun 2004 19:07:35 -0500 (CDT)
> > From: Mike Silbersack
> > 
> > On Tue, 1 Jun 2004, Andre Oppermann wrote:
> > 
> >> A port should not be reused this fast. Maybe the randomness isn't
> >> so random after all and chooses the same port over again and again?
> > 
> > We use arc4random, so I don't think that's likely, but it is possible.
> 
> OK, I would like to provide some statistics based on the FTP server log.
> In the following table, the first column is the total number of PORT commands
> per FTP session, the second is the number of PORT commands between the first and
> second occurrence of a reused port (which is the cause of the "425" error), and the
> third column is the interval between those occurrences in seconds:
> 
>   Total # of PORT comm.   Interval, # of PORT   Interval, sec
>   558                      35                    50
>   336                      50                    20
>   165                     160                    55
> 
> So, it doesn't seem to me that the random number generator works badly, but any
> randomness doesn't _guarantee_ that a port number won't repeat within 2*MSL
> seconds, does it? Also I have heard of algorithms (but can't recollect them now)
> that actually guarantee non-repetition of a large portion (up
> to the interval range) of a pseudo-random sequence. If we had such an algorithm
> for random port allocation, we wouldn't get reused ports so often (by default,
> portrange.hilast=65535 and portrange.hifirst=49152, so theoretically we would
> have 16383 non-repeated port numbers before the first repeat).

The random generator indeed works badly. If it were truly random it should
generate a collision only every (1/range) on average. Maybe the arc4random
function reuses the same or a small number of initial vectors all over again,
leading to the same small set of 'randomized' ports.

-- 
Andre
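The following is an added simulation (editor's example, not code from the thread or from FreeBSD) of the two allocation strategies under discussion: a memoryless uniform random pick, which is what the thread assumes arc4random-based port randomization provides, and a shuffled-permutation allocator of the non-repeating kind Dmitry describes. It also computes the exact probability that k uniform draws from the 16384-port default range contain a repeat, which is what determines how often a port comes back while its previous connection is still in TIME_WAIT. Assumptions: the port range is the quoted default 49152-65535, Python's random module stands in for the kernel's arc4random, and the 2*MSL window is modelled as "the last W allocations" rather than in seconds, since the thread's sessions ran at roughly one to three PORT commands per second.

```python
"""Ephemeral-port reuse under two allocation strategies.

Constructed example, not FreeBSD kernel code.  Python's random module stands in
for arc4random; the 2*MSL TIME_WAIT window is modelled as "the last W
allocations" instead of seconds.  The port range defaults to the
net.inet.ip.portrange.hifirst/hilast values quoted in the thread.
"""
import math
import random
from collections import deque

HIFIRST = 49152  # net.inet.ip.portrange.hifirst (default quoted in the thread)
HILAST = 65535   # net.inet.ip.portrange.hilast
RANGE_SIZE = HILAST - HIFIRST + 1  # 16384 ports


def collision_probability(k, n=RANGE_SIZE):
    """Exact probability that k independent uniform draws from n ports
    contain at least one repeat (the birthday problem)."""
    if k > n:
        return 1.0
    p_distinct = 1.0
    for i in range(k):
        p_distinct *= (n - i) / n
    return 1.0 - p_distinct


def expected_first_repeat(n=RANGE_SIZE):
    """Approximate expected number of uniform draws until the first repeat,
    sqrt(pi*n/2); for n = 16384 this is about 160."""
    return math.sqrt(math.pi * n / 2.0)


class RandomAllocator:
    """Memoryless allocator: every pick is uniform over the whole range."""

    def __init__(self, seed, lo=HIFIRST, hi=HILAST):
        self.rng = random.Random(seed)
        self.lo, self.hi = lo, hi

    def next_port(self):
        return self.rng.randint(self.lo, self.hi)


class PermutationAllocator:
    """Hands out a shuffled permutation of the range and reshuffles only when
    it is exhausted, so a port cannot repeat within hi-lo+1 consecutive picks."""

    def __init__(self, seed, lo=HIFIRST, hi=HILAST):
        self.rng = random.Random(seed)
        self.ports = list(range(lo, hi + 1))
        self.idx = len(self.ports)  # forces a shuffle on the first call

    def next_port(self):
        if self.idx >= len(self.ports):
            self.rng.shuffle(self.ports)
            self.idx = 0
        port = self.ports[self.idx]
        self.idx += 1
        return port


def first_reuse(allocator, window, max_draws):
    """Draw ports until one is handed out while it is still busy.

    A port is busy if it was allocated within the last `window` draws
    (window=None: busy ports never age out).  Returns the 1-based draw index
    of the first reuse, or None if max_draws pass without one.
    """
    order = deque()  # busy ports, oldest first
    busy = set()
    for i in range(1, max_draws + 1):
        port = allocator.next_port()
        if port in busy:
            return i
        busy.add(port)
        order.append(port)
        if window is not None and len(order) > window:
            busy.discard(order.popleft())
    return None


def mean_first_reuse(make_allocator, trials, window, max_draws, seed=0):
    """Average first_reuse over independent trials; a trial that never reuses
    a port counts as max_draws (a lower bound on its true value)."""
    total = 0
    for t in range(trials):
        r = first_reuse(make_allocator(seed + t), window, max_draws)
        total += max_draws if r is None else r
    return total / trials


if __name__ == "__main__":
    print("P(repeat within 160 draws, N=%d): %.3f"
          % (RANGE_SIZE, collision_probability(160)))
    print("expected draws to first repeat (uniform): %.1f"
          % expected_first_repeat())
    for name, make in (("uniform", RandomAllocator),
                       ("permutation", PermutationAllocator)):
        m = mean_first_reuse(make, trials=100, window=200, max_draws=20000)
        print("%-12s mean draws to first reuse, 200-draw busy window: %.1f"
              % (name, m))
```

Two numbers from this are worth keeping in mind when reading the table above: for a 16384-port range, a uniform random allocator is expected to hand out a repeated port after roughly sqrt(pi*16384/2), about 160 draws, and 160 draws already carry a better than even chance of a repeat, whereas the permutation allocator cannot repeat a port before all 16384 have been used. Whether a repeat actually produces a "425" then depends only on whether the earlier connection on that port is still within its 2*MSL TIME_WAIT.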