net.inet.ip.portrange.randomized=1 hurts
Mike Silbersack
silby at silby.com
Thu Jun 3 00:20:18 PDT 2004
On Wed, 2 Jun 2004, Don Lewis wrote:
> Randomizing DNS query IDs without repeating any particular ID too
> quickly is a similar problem. I contributed some code for this to
> BIND version 8 a number of years ago. See the nsid stuff in
> /usr/src/contrib/bind/bin/named/ns_main.c. There are some comments
> preceding the code that explain the background and how it is supposed
> to work. Something like this might be suitable for port number
> allocation, though the potentially long time that a given port number
> might be in use would complicate things.
I just thought more about the issue at hand, and I think that changing the
randomization algorithm is probably not worth the effort. Instead, we'll
have to fix the server-side TIME_WAIT problem Dmitry is experiencing.
The simple reason is that any other OS which uses randomized ephemeral
ports will tickle the exact same port recycling problem, so reverting our
client behavior isn't a long-term solution.
I'm still too swamped to poke at the problem.
Mike "Silby" Silbersack