Date: Tue, 02 Dec 2014 15:13:23 -0500 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: "FreeBSD Questioner" <freebsd-questions@gmx.com> Cc: freebsd-questions@freebsd.org Subject: Re: Reserving localhost port numbers Message-ID: <44d281ajz0.fsf@be-well.ilk.org> In-Reply-To: <trinity-2843f6bc-834a-464e-a671-a16327e982ae-1417549546056@3capp-mailcom-lxa06> (FreeBSD Questioner's message of "Tue, 2 Dec 2014 20:45:46 %2B0100") References: <trinity-2843f6bc-834a-464e-a671-a16327e982ae-1417549546056@3capp-mailcom-lxa06>
next in thread | previous in thread | raw e-mail | index | archive | help
"FreeBSD Questioner" <freebsd-questions@gmx.com> writes: > This question is regarding a networking scheme, utilizing multiple > remote sensor systems in the field, which connect to a central freebsd > server via ssh. > > When making these connections, the remote field systems "reverse > tunnel" certain listening ports to the server via the ssh -R > parameter. Ouch. That's pretty ugly, and (because you'll be running TCP over TCP) may not perform well. You might want to consider an architecture with an intermediary agent on the central server instead. > Since there are multiple field systems, each one has a unique offset > to which to map it's listening ports, when tunneling them to the > central server. This prevents multiple field systems from attempting > to listen on the same port number on the central server. > > My question involves these listening port numbers on the central freebsd server: > > Is there a way to reserve a block of port numbers, preventing them > from being used as "ephemeral" ports, by other network traffic on the > central server? > > It would be desirable to reserve a block of 10000 or so ports, anywhere above the 1024 "privileged port" range. > > Thank you for any suggestions or references that may shed light on > managing the networking stack's allocation of localhost port numbers. Are the sysctls in the net.inet.ip.portrange. set what you're looking for?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44d281ajz0.fsf>