net.inet.ip.portrange.randomized=1 hurts

Dmitry Pryanishnikov dmitry at atlantis.dp.ua
Tue Jun 1 02:47:33 PDT 2004


Hello!

 I've tried to install 4.10-RELEASE via FTP several times, but every time
(earlier or later) FTP transfers were aborted with code "425 Failed to
establish connection.", and FTP site selection menu popped up again. My FTP
server is vsftpd-1.2.2 server built from fresh ports on 4.7-RELEASE system.
First rule of firewall allows all traffic to and from my test machine on which
I'm trying to install 4.10-RELEASE. Finally I have found what happens.
Sometimes FTP client opens the same port for data which was used several
seconds ago, and passes it to the server via PORT command. On client's side,
this port is already free, but on server side it's still in TIME_WAIT state.
So server tries to open connection server.20 -> client.PORT and apparently
gets an error indication from kernel because address is still in use.

 The main question is: how to prevent this situation? Of course, as a
workaround I can set net.inet.ip.portrange.randomized to zero, but what's
the real solution? Is it FTP-client or FTP-server that should take care of
the previous DATA port usage? Or even network stack behaviour should be
further modified to avoid this collision?

Sincerely, Dmitry
-- 
Atlantis ISP, System Administrator
e-mail:  dmitry at atlantis.dp.ua
nic-hdl: LYNX-RIPE
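
Added example, not part of the original message: a small simulation of the collision described above, comparing sequential and randomized selection of the client's data port while the server keeps each (server.20 -> client.PORT) pair in TIME_WAIT. The port range 1024-5000, the 60-second TIME_WAIT, the transfer interval and the function name `simulate` are assumptions chosen for illustration.

```python
import random


def simulate(randomized, transfers=2000, interval=0.5, time_wait=60.0,
             first=1024, last=5000, seed=1):
    """Count transfers whose client data port is still in TIME_WAIT on the server.

    All parameters are assumed values: one data connection every `interval`
    seconds, an ephemeral range of first..last, and a server that closes the
    data connection first and so holds the pair for `time_wait` seconds.
    """
    rng = random.Random(seed)          # fixed seed: repeatable runs
    span = last - first + 1
    expires = {}                       # client port -> end of server TIME_WAIT
    next_port = first
    failures = 0
    for i in range(transfers):
        now = i * interval
        if randomized:
            # portrange.randomized=1: any port in the range, chosen uniformly
            port = first + rng.randrange(span)
        else:
            # portrange.randomized=0: next port in sequence, wrapping at the end
            port = next_port
            next_port = first + (next_port - first + 1) % span
        if expires.get(port, 0.0) > now:
            # Server cannot connect from port 20 to this client port again yet:
            # the client sees "425 Failed to establish connection."
            failures += 1
            continue
        expires[port] = now + time_wait
    return failures


if __name__ == "__main__":
    for mode in (False, True):
        label = "randomized" if mode else "sequential"
        print(f"{label:10s}: {simulate(mode)} failed of 2000 transfers")
```

With sequential allocation a port is not reused until the whole range has been walked, which here takes far longer than TIME_WAIT; with uniform random choice roughly (time_wait / interval) / range-size of the transfers land on a port that is still held.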

