[freenet-dev] Too many ports open on Win?

Dave Hooper Thu, 13 Feb 2003 14:27:01 -0800

Someone was talking about this earlier, I wasn't involved in that discussion
because I felt I had nothing to add but a netstat performed earlier showed
this (edited for conciseness):


Before:  (background noise - edited out of remaining netstat dumps)
  Proto  Local Address          Foreign Address        State
  TCP    b-a-d-sector:epmap     b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:microsoft-ds  b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:1025      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:1027      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:3030      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:3033      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:3035      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:netbios-ssn  b-a-d-sector:0         LISTENING
  UDP    b-a-d-sector:epmap     *:*
  UDP    b-a-d-sector:microsoft-ds  *:*
  UDP    b-a-d-sector:1026      *:*
  UDP    b-a-d-sector:netbios-ns  *:*
  UDP    b-a-d-sector:netbios-dgm  *:*
  UDP    b-a-d-sector:isakmp    *:*

After starting fred: [all seems ok]
  Proto  Local Address          Foreign Address        State
  TCP    b-a-d-sector:8888      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:8891      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:*****     b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:8481      b-a-d-sector:0         LISTENING

After starting retrieving:  [why are ports 4115,6,8,20 listening?]
[what's connection to 8481 from 4111 and 4116 being used for?]
[If ephemeral ports, any way to control an allocation range for firewall
configuration?  If not, has connection been made FROM node ref TO e.g. port
4118?]
  Proto  Local Address          Foreign Address        State
  TCP    b-a-d-sector:4115      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:4116      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:4118      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:4120      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:8888      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:8891      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:*****     b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:4111      b-a-d-sector:8481      TIME_WAIT
  TCP    b-a-d-sector:4116      b-a-d-sector:8481      ESTABLISHED
  TCP    b-a-d-sector:8481      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:8481      b-a-d-sector:4116      ESTABLISHED
  TCP    b-a-d-sector:4115      one.of.my.node.refs:ppppp  ESTABLISHED
  TCP    b-a-d-sector:4118      a.second.of.my.node.refs:qqqqq  ESTABLISHED
  TCP    b-a-d-sector:4120      a.third.of.my.node.refs:rrrrr  ESTABLISHED

Still receiving - a couple seconds later:
[again, why so many listening ports?]  [what's port 4125 for?]
  Proto  Local Address          Foreign Address        State
  TCP    b-a-d-sector:4115      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:4120      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:4125      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:4130      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:8888      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:8891      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:*****     b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:4111      b-a-d-sector:8481      TIME_WAIT
  TCP    b-a-d-sector:4116      b-a-d-sector:8481      TIME_WAIT
  TCP    b-a-d-sector:4125      b-a-d-sector:8481      ESTABLISHED
  TCP    b-a-d-sector:8481      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:8481      b-a-d-sector:4125      ESTABLISHED
  TCP    b-a-d-sector:4115      one.of.my.node.refs:ppppp  ESTABLISHED
  TCP    b-a-d-sector:4120      a.third.of.my.node.refs:rrrrr  ESTABLISHED
  TCP    b-a-d-sector:4130      a.fourth.of.my.nodes.refs:sssss  ESTABLISHED

After *finishing* retrieving:
  Proto  Local Address          Foreign Address        State
  TCP    b-a-d-sector:4115      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:4130      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:8888      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:8891      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:*****     b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:4111      b-a-d-sector:8481      TIME_WAIT
  TCP    b-a-d-sector:4116      b-a-d-sector:8481      TIME_WAIT
  TCP    b-a-d-sector:4125      b-a-d-sector:8481      TIME_WAIT
  TCP    b-a-d-sector:8481      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:4115      one.of.my.node.refs:ppppp  ESTABLISHED
  TCP    b-a-d-sector:4130      a.fourth.of.my.nodes.refs:sssss  ESTABLISHED

After finishing retrieving, some time (thirty minutes?) later ...:
[why did it take so long for connection to some of the node refs to be torn
down?]
  Proto  Local Address          Foreign Address        State
  TCP    b-a-d-sector:8888      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:8891      b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:*****     b-a-d-sector:0         LISTENING
  TCP    b-a-d-sector:8481      b-a-d-sector:0         LISTENING


Is this expected?  Could anyone quickly run me through the phases involved
here and the reasoning for, e.g. connections from 127.0.0.1:4118 to
127.0.0.1:8481?  Also if there's any way to control the allocation range of
ephemeral ports used during data transfer (assuming that's what they are -
for some reason I was expecting all traffic to be on my 'advertised' port of
*****, although I don't really know why).


d


_______________________________________________
devl mailing list
[EMAIL PROTECTED]
http://hawk.freenetproject.org:8080/cgi-bin/mailman/listinfo/devl

[freenet-dev] Too many ports open on Win?

Reply via email to