Can TCPv4 source and destination ports conflict with each other? Or do source and destination ports live in...
Let me be more specific about my question with an example: Let's say that I have a slew of little servers that all start up on different ports using TCPv4. These ports are going to be destination ports, of course. Let's further assume that these little servers don't just start up at boot time like a typical server, but rather they churn dynamically based on demand. They start up when needed, and may shut themselves down for a while, and then later start up again.
Now let's say that on this same computer, we also have lots of client processes making requests to server processes on other computers via TCPv4. When a client makes such a request, it is assigned a source port by the OS.
Let's say for the sake of this example that a client processes makes a web request to a RESTful server running on a different computer. Let's also say that the source port assigned by the OS to this request is port 7777.
For this example let's also say that while the above request is still occurring, one of our little servers wants to start up, and it wants to start up on destination port 7777.
My question is will this cause a conflict? I.e., will the server get an error because port 7777 is already in use? Or will everything be fine because these two different kinds of ports live in different address spaces that cannot conflict with each other?
One reason I'm worried about the potential for conflict here is that I've seen web pages that say that "ephemeral source port selection" is typically done in a port number range that begins at a relatively high number. Here is such a web page:
https://www.cymru.com/jtk/misc/ephemeralports.html
A natural assumption for why source ports would begin at high numbers, rather than just starting at 1, is to avoid conflict with the destination ports used by server processes. Though I haven't yet seen anything that explicitly comes out and says that this is the case.
P.S. There is, of course, a potential distinction between what the TCPv4 protocol spec has to say on this issue, and what OSes actually do. E.g., perhaps the protocol is agnostic, but OSes tend to only use a single address space? Or perhaps different OSes treat the issue differently?
Personally, I'm most interested at the moment in what Linux would do.
linux unix tcp network-programming
asked Jan 18 at 23:53
DouglasDouglas
1,30911319
add a comment |
Let me be more specific about my question with an example: Let's say that I have a slew of little servers that all start up on different ports using TCPv4. These ports are going to be destination ports, of course. Let's further assume that these little servers don't just start up at boot time like a typical server, but rather they churn dynamically based on demand. They start up when needed, and may shut themselves down for a while, and then later start up again.
Now let's say that on this same computer, we also have lots of client processes making requests to server processes on other computers via TCPv4. When a client makes such a request, it is assigned a source port by the OS.
Let's say for the sake of this example that a client processes makes a web request to a RESTful server running on a different computer. Let's also say that the source port assigned by the OS to this request is port 7777.
For this example let's also say that while the above request is still occurring, one of our little servers wants to start up, and it wants to start up on destination port 7777.
My question is will this cause a conflict? I.e., will the server get an error because port 7777 is already in use? Or will everything be fine because these two different kinds of ports live in different address spaces that cannot conflict with each other?
One reason I'm worried about the potential for conflict here is that I've seen web pages that say that "ephemeral source port selection" is typically done in a port number range that begins at a relatively high number. Here is such a web page:
https://www.cymru.com/jtk/misc/ephemeralports.html
A natural assumption for why source ports would begin at high numbers, rather than just starting at 1, is to avoid conflict with the destination ports used by server processes. Though I haven't yet seen anything that explicitly comes out and says that this is the case.
P.S. There is, of course, a potential distinction between what the TCPv4 protocol spec has to say on this issue, and what OSes actually do. E.g., perhaps the protocol is agnostic, but OSes tend to only use a single address space? Or perhaps different OSes treat the issue differently?
Personally, I'm most interested at the moment in what Linux would do.
linux unix tcp network-programming
asked Jan 18 at 23:53
DouglasDouglas
1,30911319
A connection is unique and defined by the n-tuple{src addr, src port, dest addr, dest port}Sometimes protocol is used when there could be ambiguity, like{tcp, src addr, src port, dest addr, dest port}. As far as I know, there are no collisions unless information is not used, like{dest addr, dest port}.
– jww
Jan 19 at 0:04
Thanks @jww. What I'm not sure of in your answer, is that packets that come back from the server have their source port and destination ports reversed. So, for the incoming packet coming back from the server, it seems as if it could in theory conflict with a packet coming from a client process on the remote machine to a server process on the local machine. This problem could, of course, be resolved with a single bit in the packet indicating whether the packet is coming from a "client" or a "server" process. But I don't know if such a bit exists in the protocol.
– Douglas
Jan 19 at 22:44
add a comment |
Let me be more specific about my question with an example: Let's say that I have a slew of little servers that all start up on different ports using TCPv4. These ports are going to be destination ports, of course. Let's further assume that these little servers don't just start up at boot time like a typical server, but rather they churn dynamically based on demand. They start up when needed, and may shut themselves down for a while, and then later start up again.
Now let's say that on this same computer, we also have lots of client processes making requests to server processes on other computers via TCPv4. When a client makes such a request, it is assigned a source port by the OS.
Let's say for the sake of this example that a client processes makes a web request to a RESTful server running on a different computer. Let's also say that the source port assigned by the OS to this request is port 7777.
For this example let's also say that while the above request is still occurring, one of our little servers wants to start up, and it wants to start up on destination port 7777.
My question is will this cause a conflict? I.e., will the server get an error because port 7777 is already in use? Or will everything be fine because these two different kinds of ports live in different address spaces that cannot conflict with each other?
One reason I'm worried about the potential for conflict here is that I've seen web pages that say that "ephemeral source port selection" is typically done in a port number range that begins at a relatively high number. Here is such a web page:
https://www.cymru.com/jtk/misc/ephemeralports.html
A natural assumption for why source ports would begin at high numbers, rather than just starting at 1, is to avoid conflict with the destination ports used by server processes. Though I haven't yet seen anything that explicitly comes out and says that this is the case.
P.S. There is, of course, a potential distinction between what the TCPv4 protocol spec has to say on this issue, and what OSes actually do. E.g., perhaps the protocol is agnostic, but OSes tend to only use a single address space? Or perhaps different OSes treat the issue differently?
Personally, I'm most interested at the moment in what Linux would do.
linux unix tcp network-programming
asked Jan 18 at 23:53
DouglasDouglas
1,30911319
Let me be more specific about my question with an example: Let's say that I have a slew of little servers that all start up on different ports using TCPv4. These ports are going to be destination ports, of course. Let's further assume that these little servers don't just start up at boot time like a typical server, but rather they churn dynamically based on demand. They start up when needed, and may shut themselves down for a while, and then later start up again.
Now let's say that on this same computer, we also have lots of client processes making requests to server processes on other computers via TCPv4. When a client makes such a request, it is assigned a source port by the OS.
Let's say for the sake of this example that a client processes makes a web request to a RESTful server running on a different computer. Let's also say that the source port assigned by the OS to this request is port 7777.
For this example let's also say that while the above request is still occurring, one of our little servers wants to start up, and it wants to start up on destination port 7777.
My question is will this cause a conflict? I.e., will the server get an error because port 7777 is already in use? Or will everything be fine because these two different kinds of ports live in different address spaces that cannot conflict with each other?
One reason I'm worried about the potential for conflict here is that I've seen web pages that say that "ephemeral source port selection" is typically done in a port number range that begins at a relatively high number. Here is such a web page:
https://www.cymru.com/jtk/misc/ephemeralports.html
A natural assumption for why source ports would begin at high numbers, rather than just starting at 1, is to avoid conflict with the destination ports used by server processes. Though I haven't yet seen anything that explicitly comes out and says that this is the case.
P.S. There is, of course, a potential distinction between what the TCPv4 protocol spec has to say on this issue, and what OSes actually do. E.g., perhaps the protocol is agnostic, but OSes tend to only use a single address space? Or perhaps different OSes treat the issue differently?
Personally, I'm most interested at the moment in what Linux would do.
linux unix tcp network-programming
linux unix tcp network-programming
asked Jan 18 at 23:53
DouglasDouglas
1,30911319
asked Jan 18 at 23:53
DouglasDouglas
1,30911319
edited Jan 21 at 22:29
Douglas
asked Jan 18 at 23:53
DouglasDouglas
1,30911319
asked Jan 18 at 23:53
DouglasDouglas
1,30911319
asked Jan 18 at 23:53
DouglasDouglas
1,30911319
1,30911319
A connection is unique and defined by the n-tuple{src addr, src port, dest addr, dest port}Sometimes protocol is used when there could be ambiguity, like{tcp, src addr, src port, dest addr, dest port}. As far as I know, there are no collisions unless information is not used, like{dest addr, dest port}.
– jww
Jan 19 at 0:04
Thanks @jww. What I'm not sure of in your answer, is that packets that come back from the server have their source port and destination ports reversed. So, for the incoming packet coming back from the server, it seems as if it could in theory conflict with a packet coming from a client process on the remote machine to a server process on the local machine. This problem could, of course, be resolved with a single bit in the packet indicating whether the packet is coming from a "client" or a "server" process. But I don't know if such a bit exists in the protocol.
– Douglas
Jan 19 at 22:44
add a comment |
A connection is unique and defined by the n-tuple{src addr, src port, dest addr, dest port}Sometimes protocol is used when there could be ambiguity, like{tcp, src addr, src port, dest addr, dest port}. As far as I know, there are no collisions unless information is not used, like{dest addr, dest port}.
– jww
Jan 19 at 0:04
Thanks @jww. What I'm not sure of in your answer, is that packets that come back from the server have their source port and destination ports reversed. So, for the incoming packet coming back from the server, it seems as if it could in theory conflict with a packet coming from a client process on the remote machine to a server process on the local machine. This problem could, of course, be resolved with a single bit in the packet indicating whether the packet is coming from a "client" or a "server" process. But I don't know if such a bit exists in the protocol.
– Douglas
Jan 19 at 22:44
A connection is unique and defined by the n-tuple
{src addr, src port, dest addr, dest port} Sometimes protocol is used when there could be ambiguity, like {tcp, src addr, src port, dest addr, dest port}. As far as I know, there are no collisions unless information is not used, like {dest addr, dest port}.– jww
Jan 19 at 0:04
A connection is unique and defined by the n-tuple
{src addr, src port, dest addr, dest port} Sometimes protocol is used when there could be ambiguity, like {tcp, src addr, src port, dest addr, dest port}. As far as I know, there are no collisions unless information is not used, like {dest addr, dest port}.– jww
Jan 19 at 0:04
Thanks @jww. What I'm not sure of in your answer, is that packets that come back from the server have their source port and destination ports reversed. So, for the incoming packet coming back from the server, it seems as if it could in theory conflict with a packet coming from a client process on the remote machine to a server process on the local machine. This problem could, of course, be resolved with a single bit in the packet indicating whether the packet is coming from a "client" or a "server" process. But I don't know if such a bit exists in the protocol.
– Douglas
Jan 19 at 22:44
Thanks @jww. What I'm not sure of in your answer, is that packets that come back from the server have their source port and destination ports reversed. So, for the incoming packet coming back from the server, it seems as if it could in theory conflict with a packet coming from a client process on the remote machine to a server process on the local machine. This problem could, of course, be resolved with a single bit in the packet indicating whether the packet is coming from a "client" or a "server" process. But I don't know if such a bit exists in the protocol.
– Douglas
Jan 19 at 22:44
add a comment |
1 Answer
1
active
oldest
votes
The TCP specification says that connections are identified by the tuple:
{local addr, local port, remote addr, remote port}
Based on this, there theoretically shouldn't be a conflict between a local port used in an existing connection and trying to bind that same port for a server to listen on, since the listening socket doesn't have a remote address/port (these are represented as wildcards in the spec).
However, most TCP implementations, including the Unix sockets API, are more strict than this. If the local port is already in use in any existing socket, you won't be able to bind it, you'll get the error EADDRINUSE. A special exception is made if the existing sockets are all in TIME_WAIT state and the new socket has the SO_REUSEADDR socket option; this is used to allow a server to restart while the sockets left over from a previous process are still waiting to time out.
For this reason, the port range is generally divided into ranges with different uses. When a socket doesn't bind a local port (either because it just called connect() without calling bind(), or by specifying IPPORT_ANY as the port in bind()), the port is chosen from the ephemeral range, which is usually very high numbered ports. Servers, on the other hand, are expected to bind to low-numbered ports. If network applications follow this convention, you should not run into conflicts.
answered Jan 19 at 0:34
BarmarBarmar
424k35248349
Thanks for your answer. It seems as if your advice for using low-numbered ports for servers is perfectly good for Linux, where the ephemeral port range starts at 32768 according to the link I included. But it might not work so well for OpenBSD, where the ephemeral range starts at only 1024. We have a lot of little server processes in our software! On the other hand, we're running on Linux and not on OpenBSD, so I guess that worry is rather moot at the moment.
– Douglas
Jan 19 at 22:52
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54262859%2fcan-tcpv4-source-and-destination-ports-conflict-with-each-other-or-do-source-an%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
The TCP specification says that connections are identified by the tuple:
{local addr, local port, remote addr, remote port}
Based on this, there theoretically shouldn't be a conflict between a local port used in an existing connection and trying to bind that same port for a server to listen on, since the listening socket doesn't have a remote address/port (these are represented as wildcards in the spec).
However, most TCP implementations, including the Unix sockets API, are more strict than this. If the local port is already in use in any existing socket, you won't be able to bind it, you'll get the error EADDRINUSE. A special exception is made if the existing sockets are all in TIME_WAIT state and the new socket has the SO_REUSEADDR socket option; this is used to allow a server to restart while the sockets left over from a previous process are still waiting to time out.
For this reason, the port range is generally divided into ranges with different uses. When a socket doesn't bind a local port (either because it just called connect() without calling bind(), or by specifying IPPORT_ANY as the port in bind()), the port is chosen from the ephemeral range, which is usually very high numbered ports. Servers, on the other hand, are expected to bind to low-numbered ports. If network applications follow this convention, you should not run into conflicts.
answered Jan 19 at 0:34
BarmarBarmar
424k35248349
Thanks for your answer. It seems as if your advice for using low-numbered ports for servers is perfectly good for Linux, where the ephemeral port range starts at 32768 according to the link I included. But it might not work so well for OpenBSD, where the ephemeral range starts at only 1024. We have a lot of little server processes in our software! On the other hand, we're running on Linux and not on OpenBSD, so I guess that worry is rather moot at the moment.
– Douglas
Jan 19 at 22:52
add a comment |
The TCP specification says that connections are identified by the tuple:
{local addr, local port, remote addr, remote port}
Based on this, there theoretically shouldn't be a conflict between a local port used in an existing connection and trying to bind that same port for a server to listen on, since the listening socket doesn't have a remote address/port (these are represented as wildcards in the spec).
However, most TCP implementations, including the Unix sockets API, are more strict than this. If the local port is already in use in any existing socket, you won't be able to bind it, you'll get the error EADDRINUSE. A special exception is made if the existing sockets are all in TIME_WAIT state and the new socket has the SO_REUSEADDR socket option; this is used to allow a server to restart while the sockets left over from a previous process are still waiting to time out.
For this reason, the port range is generally divided into ranges with different uses. When a socket doesn't bind a local port (either because it just called connect() without calling bind(), or by specifying IPPORT_ANY as the port in bind()), the port is chosen from the ephemeral range, which is usually very high numbered ports. Servers, on the other hand, are expected to bind to low-numbered ports. If network applications follow this convention, you should not run into conflicts.
answered Jan 19 at 0:34
BarmarBarmar
424k35248349
Thanks for your answer. It seems as if your advice for using low-numbered ports for servers is perfectly good for Linux, where the ephemeral port range starts at 32768 according to the link I included. But it might not work so well for OpenBSD, where the ephemeral range starts at only 1024. We have a lot of little server processes in our software! On the other hand, we're running on Linux and not on OpenBSD, so I guess that worry is rather moot at the moment.
– Douglas
Jan 19 at 22:52
add a comment |
The TCP specification says that connections are identified by the tuple:
{local addr, local port, remote addr, remote port}
Based on this, there theoretically shouldn't be a conflict between a local port used in an existing connection and trying to bind that same port for a server to listen on, since the listening socket doesn't have a remote address/port (these are represented as wildcards in the spec).
However, most TCP implementations, including the Unix sockets API, are more strict than this. If the local port is already in use in any existing socket, you won't be able to bind it, you'll get the error EADDRINUSE. A special exception is made if the existing sockets are all in TIME_WAIT state and the new socket has the SO_REUSEADDR socket option; this is used to allow a server to restart while the sockets left over from a previous process are still waiting to time out.
For this reason, the port range is generally divided into ranges with different uses. When a socket doesn't bind a local port (either because it just called connect() without calling bind(), or by specifying IPPORT_ANY as the port in bind()), the port is chosen from the ephemeral range, which is usually very high numbered ports. Servers, on the other hand, are expected to bind to low-numbered ports. If network applications follow this convention, you should not run into conflicts.
answered Jan 19 at 0:34
BarmarBarmar
424k35248349
The TCP specification says that connections are identified by the tuple:
{local addr, local port, remote addr, remote port}
Based on this, there theoretically shouldn't be a conflict between a local port used in an existing connection and trying to bind that same port for a server to listen on, since the listening socket doesn't have a remote address/port (these are represented as wildcards in the spec).
However, most TCP implementations, including the Unix sockets API, are more strict than this. If the local port is already in use in any existing socket, you won't be able to bind it, you'll get the error EADDRINUSE. A special exception is made if the existing sockets are all in TIME_WAIT state and the new socket has the SO_REUSEADDR socket option; this is used to allow a server to restart while the sockets left over from a previous process are still waiting to time out.
For this reason, the port range is generally divided into ranges with different uses. When a socket doesn't bind a local port (either because it just called connect() without calling bind(), or by specifying IPPORT_ANY as the port in bind()), the port is chosen from the ephemeral range, which is usually very high numbered ports. Servers, on the other hand, are expected to bind to low-numbered ports. If network applications follow this convention, you should not run into conflicts.
answered Jan 19 at 0:34
BarmarBarmar
424k35248349
answered Jan 19 at 0:34
BarmarBarmar
424k35248349
answered Jan 19 at 0:34
BarmarBarmar
424k35248349
answered Jan 19 at 0:34
BarmarBarmar
424k35248349
424k35248349
Thanks for your answer. It seems as if your advice for using low-numbered ports for servers is perfectly good for Linux, where the ephemeral port range starts at 32768 according to the link I included. But it might not work so well for OpenBSD, where the ephemeral range starts at only 1024. We have a lot of little server processes in our software! On the other hand, we're running on Linux and not on OpenBSD, so I guess that worry is rather moot at the moment.
– Douglas
Jan 19 at 22:52
add a comment |
Thanks for your answer. It seems as if your advice for using low-numbered ports for servers is perfectly good for Linux, where the ephemeral port range starts at 32768 according to the link I included. But it might not work so well for OpenBSD, where the ephemeral range starts at only 1024. We have a lot of little server processes in our software! On the other hand, we're running on Linux and not on OpenBSD, so I guess that worry is rather moot at the moment.
– Douglas
Jan 19 at 22:52
Thanks for your answer. It seems as if your advice for using low-numbered ports for servers is perfectly good for Linux, where the ephemeral port range starts at 32768 according to the link I included. But it might not work so well for OpenBSD, where the ephemeral range starts at only 1024. We have a lot of little server processes in our software! On the other hand, we're running on Linux and not on OpenBSD, so I guess that worry is rather moot at the moment.
– Douglas
Jan 19 at 22:52
Thanks for your answer. It seems as if your advice for using low-numbered ports for servers is perfectly good for Linux, where the ephemeral port range starts at 32768 according to the link I included. But it might not work so well for OpenBSD, where the ephemeral range starts at only 1024. We have a lot of little server processes in our software! On the other hand, we're running on Linux and not on OpenBSD, so I guess that worry is rather moot at the moment.
– Douglas
Jan 19 at 22:52
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54262859%2fcan-tcpv4-source-and-destination-ports-conflict-with-each-other-or-do-source-an%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
A connection is unique and defined by the n-tuple
{src addr, src port, dest addr, dest port}Sometimes protocol is used when there could be ambiguity, like{tcp, src addr, src port, dest addr, dest port}. As far as I know, there are no collisions unless information is not used, like{dest addr, dest port}.– jww
Jan 19 at 0:04
Thanks @jww. What I'm not sure of in your answer, is that packets that come back from the server have their source port and destination ports reversed. So, for the incoming packet coming back from the server, it seems as if it could in theory conflict with a packet coming from a client process on the remote machine to a server process on the local machine. This problem could, of course, be resolved with a single bit in the packet indicating whether the packet is coming from a "client" or a "server" process. But I don't know if such a bit exists in the protocol.
– Douglas
Jan 19 at 22:44