Date:      Wed, 2 Jun 2004 23:59:21 -0500 (CDT)
From:      Mike Silbersack <silby@silby.com>
To:        Andre Oppermann <andre@freebsd.org>
Cc:        freebsd-net@freebsd.org
Subject:   Re: net.inet.ip.portrange.randomized=1 hurts
Message-ID:  <20040602061131.O35216@odysseus.silby.com>
In-Reply-To: <40BDAEEF.2AECC3F0@freebsd.org>
References:  <20040602093940.N99493@atlantis.atlantis.dp.ua> <40BDAEEF.2AECC3F0@freebsd.org>


On Wed, 2 Jun 2004, Andre Oppermann wrote:

> The random generator indeed works badly.  If it was truly random it
> should generate a collision only every (1/range) on average.  Maybe
> the arc4random function reuses the same or small number of initial vectors
> all over again leading to the same small set of 'randomized' ports.
>
> --
> Andre

Or it's being seeded poorly by 4.x's inferior random number generator?  (I
don't know if it could be THAT bad.)

It looks like we're really bumping into two things:

1.  The need for something more suited to this purpose than arc4random
(I'll have to check out Don's code in BIND.)

2.  General port recycling issues.

It sounds like sequential port allocation was masking problems of type #2
in the past.

Mike "Silby" Silbersack
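
Added example, not part of the original message and not FreeBSD code: a small simulation comparing how soon a local port is handed out again under sequential versus uniformly random selection, which is one way to see how sequential allocation could mask port recycling problems. The port range, the allocation count, and the `window` parameter (a hypothetical number of allocations during which the previous connection's state is assumed to still linger) are assumptions; the model ignores any in-use check the kernel performs.

```python
import random

def reuse_gaps(ports):
    """Allocations elapsed between successive uses of the same port."""
    last_seen, gaps = {}, []
    for i, port in enumerate(ports):
        if port in last_seen:
            gaps.append(i - last_seen[port])
        last_seen[port] = i
    return gaps

def sequential_ports(first, last, count):
    """Walk the range in order, wrapping around at the end."""
    span = last - first + 1
    return [first + (i % span) for i in range(count)]

def random_ports(first, last, count, rng):
    """Pick each port uniformly at random, independently of history."""
    return [rng.randint(first, last) for _ in range(count)]

def early_reuse_fraction(gaps, window):
    """Share of reuses that occur fewer than `window` allocations later."""
    if not gaps:
        return 0.0
    return sum(1 for g in gaps if g < window) / len(gaps)

def expected_early_reuse(span, window):
    """Uniform selection gives a geometric gap: P(gap < window)."""
    return 1.0 - (1.0 - 1.0 / span) ** (window - 1)

def compare(first, last, count, window, seed):
    """Return (sequential, random, analytic) early-reuse fractions."""
    rng = random.Random(seed)  # fixed seed so the run is repeatable
    seq = early_reuse_fraction(
        reuse_gaps(sequential_ports(first, last, count)), window)
    rnd = early_reuse_fraction(
        reuse_gaps(random_ports(first, last, count, rng)), window)
    return seq, rnd, expected_early_reuse(last - first + 1, window)

if __name__ == "__main__":
    # Constructed parameters: 1000-port range, 200000 allocations,
    # and a lingering-state window of 100 allocations.
    seq, rnd, theory = compare(49152, 50151, 200000, 100, seed=1)
    print(f"sequential early reuse: {seq:.4f}")
    print(f"random early reuse:     {rnd:.4f} (analytic {theory:.4f})")
```

Sequential selection never reuses a port sooner than one full pass over the range, while uniform selection reuses a fraction of ports almost immediately even when the range is far from exhausted.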


