Reserving localhost port numbers
Lowell Gilbert
freebsd-questions-local at be-well.ilk.org
Tue Dec 2 20:13:30 UTC 2014
"FreeBSD Questioner" <freebsd-questions at gmx.com> writes:
> This question is regarding a networking scheme, utilizing multiple
> remote sensor systems in the field, which connect to a central freebsd
> server via ssh.
>
> When making these connections, the remote field systems "reverse
> tunnel" certain listening ports to the server via the ssh -R
> parameter.
Ouch. That's pretty ugly, and (because you'll be running TCP over TCP)
may not perform well. You might want to consider an architecture with an
intermediary agent on the central server instead.
> Since there are multiple field systems, each one has a unique offset
> to which to map it's listening ports, when tunneling them to the
> central server. This prevents multiple field systems from attempting
> to listen on the same port number on the central server.
>
> My question involves these listening port numbers on the central freebsd server:
>
> Is there a way to reserve a block of port numbers, preventing them
> from being used as "ephemeral" ports, by other network traffic on the
> central server?
>
> It would be desirable to reserve a block of 10000 or so ports, anywhere above the 1024 "privileged port" range.
>
> Thank you for any suggestions or references that may shed light on
> managing the networking stack's allocation of localhost port numbers.
Are the sysctls in the net.inet.ip.portrange. set what you're looking for?
More information about the freebsd-questions
mailing list