git.baikalelectronics.ru Git - kernel.git/commit

author	Eric Dumazet <edumazet@google.com>
	Sun, 24 May 2015 21:49:35 +0000 (14:49 -0700)
committer	David S. Miller <davem@davemloft.net>
	Wed, 27 May 2015 17:30:44 +0000 (13:30 -0400)
commit	63e4fadda7ad50a9c6c25cb5465465c2fb204761
tree	47f456afc79f5493af730edc0611bf166ea2c68e	tree \| snapshot
parent	47c4f92c24477d35b8a8cab40cc04367caaba56c	commit \| diff

tcp/dccp: try to not exhaust ip_local_port_range in connect()

A long standing problem on busy servers is the tiny available TCP port
range (/proc/sys/net/ipv4/ip_local_port_range) and the default
sequential allocation of source ports in connect() system call.

If a host is having a lot of active TCP sessions, chances are
very high that all ports are in use by at least one flow,
and subsequent bind(0) attempts fail, or have to scan a big portion of
space to find a slot.

In this patch, I changed the starting point in __inet_hash_connect()
so that we try to favor even [1] ports, leaving odd ports for bind()
users.

We still perform a sequential search, so there is no guarantee, but
if connect() targets are very different, end result is we leave
more ports available to bind(), and we spread them all over the range,
lowering time for both connect() and bind() to find a slot.

This strategy only works well if /proc/sys/net/ipv4/ip_local_port_range
is even, ie if start/end values have different parity.

Therefore, default /proc/sys/net/ipv4/ip_local_port_range was changed to
32768 - 60999 (instead of 32768 - 61000)

There is no change on security aspects here, only some poor hashing
schemes could be eventually impacted by this change.

[1] : The odd/even property depends on ip_local_port_range values parity

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Documentation/networking/ip-sysctl.txt		diff \| blob \| history
net/ipv4/af_inet.c		diff \| blob \| history
net/ipv4/inet_hashtables.c		diff \| blob \| history