[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <m3wstnioq5.fsf@bandura.englab.brq.redhat.com>
Date: Tue, 16 Oct 2007 07:59:46 +0200
From: Anton Arapov <aarapov@...hat.com>
To: Andrew Morton <akpm@...ux-foundation.org>
Cc: David Miller <davem@...emloft.net>, linux-kernel@...r.kernel.org,
linux-netdev@...r.kernel.org, davem@...hat.com, jgarzik@...hat.com
Subject: Re: [PATCH] ipv4: kernel panic when only one unsecured port available
Andrew Morton <akpm@...ux-foundation.org> writes:
> <looks>
>
> OK, in ipv4_local_port_range() we have
>
> if (range[1] <= range[0])
> ret = -EINVAL;
>
[...skipped...]
> : ip_local_port_range
> : -------------------
> :
> : Range of ports used by TCP and UDP to choose the local port. Contains two
> : numbers, the first number is the lowest port, the second number the highest
> : local port. Default is 1024-4999. Should be changed to 32768-61000 for
> : high-usage systems.
>
> ie: inclusive.
>
> Documentation/networking/ip-sysctl.txt says
>
> : ip_local_port_range - 2 INTEGERS
> : Defines the local port range that is used by TCP and UDP to
> : choose the local port. The first number is the first, the
> : second the last local port number. Default value depends on
> : amount of memory available on the system:
> : > 128Mb 32768-61000
> : < 128Mb 1024-4999 or even less.
> : This number defines number of active connections, which this
> : system can issue simultaneously to systems not supporting
> : TCP extensions (timestamps). With tcp_tw_recycle enabled
> : (i.e. by default) range 1024-4999 is enough to issue up to
> : 2000 connections per second to systems supporting timestamps.
>
> also inclusive.
I'm also agree, that we should have an ability to use the same
minimum/maximum port number for the cases when we want to use only
one port.
--
Anton Arapov, <aarapov@...hat.com>
GPG Key ID: 0x6FA8C812
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists