> Date: Sat, 01 Dec 2012 09:28:05 +0100 > From: Andre Oppermann <[email protected]> > > On 30.11.2012 15:09, Keith Arner wrote: >> I've noticed some issues with ephemeral port number selection from >> tcp_connect(), > > this is an excellent analysis. Could you please file it as a problem > report too and post the PR-number here so we can better track it?
Done. PR-number is: kern/174087 > From: Fernando Gont <[email protected]> > Subject: Re: Problems with ephemeral port selection > > Please take a look at the discussion on how to "steal" incomming > connections in Section 3.1 of RFC 6056. Fair point. I added your comment to kern/174087 when I filed it. The points made in RFC 6056 actually answer a few outstanding questions I had about why in_pcbbind_setup() behaves the way it does. In particular, I previously couldn't figure out why it was taking special consideration for unconnected sockets. With that in mind, I believe the criteria for check_suitable_port() (as described bt RFC 6056) should be*: A candidate ephemeral port is suitable if and only if: 1) There is no other existing local socket with the same 5-tuple. 2) There is no local socket using the same local port number, and with either a wildcard fport or wildcard faddr. I had previously suggested using in_pcblookup_hash() as a check_suitable_port() function. That would suffice for criterion #1, but would fall short for criterion #2. Looks like we need yet another pcb lookup function. Keith * Yes, I realize that my terminology freely mixes the abstract concepts in the RFC with the concrete language of the FreeBSD implementation. -- "A problem well put is half solved." _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[email protected]"
