
Thread: Source Port mystery?

  1. #1

    Source Port mystery?

    Hi everyone,

    I have a question regarding source ports. Below is one of the display entries of netstat -antl.

    My question is, how does a Linux box determine what source port (55729) to use when establishing a connection/session?

    tcp 0 0 192.168.1.6:55729 130.57.4.15:80 ESTABLISHED

    I can understand the destination port (port 80), but not the source port.

    thanks,

  2. #2

    Re: Source Port mystery?

    Source ports for TCP/UDP connections are chosen at random from a system's
    available high ports. I assume you were thinking that the same port would
    be used on the source side as the destination, though that would not be
    conducive to an environment where you wanted to go to two sites at the
    same time (since you could not use port 80 to go to two sites (or more)
    simultaneously). Anyway, it's random and the way that TCP is designed.

    Good luck.





    ariyoshi wrote:
    > Hi every one,
    >
    > I have a question regarding Source ports, below is one of the display
    > entry of netstat -antl.
    >
    > My question is, how does Linux Box determine what source port(55729) to
    > use when establishing a connection /Session?
    >
    > tcp 0 0 192.168.1.6:55729 130.57.4.15:80 ESTABLISHED
    >
    > I can understand the destination port(port 80), but not the source
    > port.
    >
    > thanks,
    >
    >


  3. #3

    Re: Source Port mystery?

    What ab said.

    Generally there is no need to constrain the source port so the client chooses it at random. There are some (root operated) services that do choose a fixed source port when connecting to other servers to indicate that they are the "authorised" service. ntpd is one, and sometimes named is fixed at port 53.

  4. #4

    Re: Source Port mystery?

    ken yap wrote:
    > What ab said.
    >
    > Generally there is no need to constrain the source port so the client
    > chooses it at random. There are some (root operated) services that do
    > choose a fixed -source- port when connecting to other servers to
    > indicate that they are the "authorised" service. ntpd is one, and
    > sometimes named is fixed at port 53.


    Of course, as with almost everything in Linux, this too can be tweaked.

    cat /proc/sys/net/ipv4/ip_local_port_range
    32768 61000

    echo "41000 61000" > /proc/sys/net/ipv4/ip_local_port_range

    cat /proc/sys/net/ipv4/ip_local_port_range
    41000 61000

    Theo
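
Added example, not part of any post in this thread: a Python sketch that decodes `/proc/net/tcp`-style rows and checks each established local port against the contents of `ip_local_port_range`, using the two ranges shown in post #4. The sample rows are constructed (row 0 encodes the connection from post #1), and the function names and the little-endian IPv4 decoding are assumptions of this example.

```python
import socket
import struct

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
# Row 0 is the thread's connection 192.168.1.6:55729 -> 130.57.4.15:80.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st
   0: 0601A8C0:D9B1 0F043982:0050 01
   1: 0601A8C0:88B8 0F043982:01BB 01
   2: 0601A8C0:0035 0F043982:0035 01
   3: 00000000:0016 00000000:0000 0A
"""
TCP_ESTABLISHED = "01"  # state code the kernel prints for ESTABLISHED


def parse_port_range(text):
    """Parse the contents of /proc/sys/net/ipv4/ip_local_port_range."""
    low, high = (int(field) for field in text.split())
    return low, high


def decode_endpoint(field):
    """Decode 'HEXADDR:HEXPORT'; assumes IPv4 on a little-endian host."""
    addr_hex, port_hex = field.split(":")
    addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return addr, int(port_hex, 16)


def established(proc_net_tcp):
    """Return (local, remote) endpoint pairs for ESTABLISHED sockets."""
    pairs = []
    for line in proc_net_tcp.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) >= 4 and cols[3] == TCP_ESTABLISHED:
            pairs.append((decode_endpoint(cols[1]), decode_endpoint(cols[2])))
    return pairs


def classify(proc_net_tcp, range_text):
    """Map each established local port to 'ephemeral' or 'outside-range'.

    'outside-range' means the kernel did not pick the port from the range:
    the program bound it explicitly (named on 53) or this is the server side.
    """
    low, high = parse_port_range(range_text)  # the range is inclusive
    result = {}
    for (_, lport), _ in established(proc_net_tcp):
        result[lport] = "ephemeral" if low <= lport <= high else "outside-range"
    return result


if __name__ == "__main__":
    for rng in ("32768 61000", "41000 61000"):  # the two ranges from post #4
        print(rng, classify(SAMPLE_PROC_NET_TCP, rng))
```

Port 35000 in the sample is ephemeral under the default range but falls outside it once the range is narrowed to 41000-61000, which is what to expect for connections opened before the change.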
