Controlling ports used by natd

Mike Silbersack silby at silby.com
Tue Dec 23 01:19:17 PST 2003


On Tue, 23 Dec 2003, Barney Wolff wrote:

> It is odd that libalias picks a port number, and then, if the "use sockets"
> option is set, tries to open a socket on that port.  Perhaps if the above
> option is set, it should bind port 0 and use the port the kernel assigns.
>
> If folks think that's a good idea, I could produce a patch to alias_db.c
> for evaluation.
>
> --
> Barney Wolff         http://www.databus.com/bwresume.pdf

I haven't looked at libalias, but there may be some method to the madness.
If you just ask the kernel for a source port, it can only hand out the
portrange of ports.  However, if you know your source / destination tuple
beforehand, you may be able to get around the portrange limitation for
your concurrent connection count.

Now, whether or not libalias is smart enough and whether or not the kernel
is playing along is another question entirely.  I looked into ephemeral
port allocation a few months ago, and it's an absolute nightmare to
determine what combination of socket / bind / connect calls are necessary
to get the best possible behavior.  Hence why I gave up and enhanced
time_wait recycling instead. :)

Mike "Silby" Silbersack
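
Added example, not part of the original thread and not libalias code: the "bind port 0 and use the port the kernel assigns" idea from the quoted message, with a check that the bound socket actually reserves the port against a second bind. The helper names `bind_loopback` and `reserve_and_check` are hypothetical, and the loopback address is an assumption made so the example runs offline.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Bind a socket of the given type to 127.0.0.1:port (host byte order).
 * port 0 asks the kernel to pick one from its ephemeral range.
 * Returns the descriptor, or -1 with errno preserved. */
static int bind_loopback(int type, unsigned short port)
{
    struct sockaddr_in sin;
    int fd = socket(AF_INET, type, 0);
    if (fd < 0)
        return -1;
    memset(&sin, 0, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    sin.sin_port = htons(port);
    if (bind(fd, (struct sockaddr *)&sin, sizeof(sin)) < 0) {
        int saved = errno;
        close(fd);
        errno = saved;
        return -1;
    }
    return fd;
}

/* Reserve a kernel-chosen port, then confirm a second bind to it is refused.
 * Returns the reserved port, or 0 if the reservation did not hold. */
unsigned short reserve_and_check(int type)
{
    struct sockaddr_in sin;
    socklen_t len = sizeof(sin);
    int fd = bind_loopback(type, 0), second, refused;
    if (fd < 0)
        return 0;
    if (getsockname(fd, (struct sockaddr *)&sin, &len) < 0) {
        close(fd);
        return 0;
    }
    second = bind_loopback(type, ntohs(sin.sin_port)); /* no SO_REUSEADDR */
    refused = (second < 0 && errno == EADDRINUSE);
    if (second >= 0)
        close(second);
    close(fd);
    return refused ? ntohs(sin.sin_port) : 0;
}
```

The port returned here is drawn only from the kernel's ephemeral range, which is the limitation the reply above points out.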


More information about the freebsd-net mailing list