[En-Nut-Discussion] local tcp port randomisation
Harald Kipp
harald.kipp at egnite.de
Wed Jul 4 19:29:11 CEST 2012
Hi Bernd,
On 04.07.2012 18:46, Bernd Walter wrote:
> On Wed, Jul 04, 2012 at 12:09:25PM +0200, Harald Kipp wrote:
>> But I'd suggest to open up a new thread, because we are losing the topic of this one. Please refer to the initial question that Michel Hendriks posted in 2005 and Ole brought back to our attention.
>>
>> The comments probably do not mean "Unless we have an unpredictable random generator, we better leave the ephemeral port selection as it is and accept the failure that Michel described",
>>
>> or do they?
>
> I personally never saw a problem, but I'm also not doing many outgoing
> connections, so this won't indicate anything.
As far as I understood Michel, the problem arises when Ethernut resets (for whatever reason) during the first connection and then tries to re-use the same port number. In general it seems to be a bad idea to start with the same port number.
While touching this part, the idea was to use slightly variable increments on the following connections. This would also increase the port re-use frequency, but it is very unlikely that tiny systems like Ethernut would establish more than 1000 connections during one TIME-WAIT state time on the server side.
Btw. what makes me wonder is that nobody discovered the obvious bug in my code sample.
    ticks = (uint16_t) NutGetMillis();
    if (first)
        port = ticks;
    else
        port += ticks & 0x000F;
    port |= 0xC000;
should have been
    ticks = (uint16_t) NutGetMillis();
    if (first)
        port = ticks;
    else
        port += (uint16_t) ((ticks & 0x000F) | 1);
    port |= 0xC000;
to make sure that it is incremented at least by 1.
Regards,
Harald
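
Added example, not part of Harald's message or the Nut/OS sources: a host-side harness for the two snippets above, with the tick value passed in as a parameter instead of read from NutGetMillis() (function names and tick values are assumptions made for this example). It shows the posted version re-using the port when the low nibble of the tick count is 0, the corrected version always advancing, and how many follow-up connections fit before the sequence wraps within 0xC000-0xFFFF.

```c
#include <stdint.h>
#include <stdio.h>

/* Snippet as first posted; ticks is a parameter here (assumption for this
 * harness) instead of being read from NutGetMillis(). */
static uint16_t next_port_posted(uint16_t port, uint16_t ticks, int first)
{
    if (first)
        port = ticks;
    else
        port += ticks & 0x000F;   /* adds 0 when the low nibble is 0 */
    return port | 0xC000;
}

/* Corrected snippet: the increment is forced odd, so it is 1..15. */
static uint16_t next_port_fixed(uint16_t port, uint16_t ticks, int first)
{
    if (first)
        port = ticks;
    else
        port += (uint16_t) ((ticks & 0x000F) | 1);
    return port | 0xC000;         /* uint16_t overflow lands back in 0xC000.. */
}

/* Number of follow-up connections before the port value wraps around,
 * with the same constructed tick value used for every step. */
static unsigned steps_before_wrap(uint16_t start, uint16_t ticks)
{
    unsigned n = 0;
    uint16_t port = start | 0xC000;
    for (;;) {
        uint16_t next = next_port_fixed(port, ticks, 0);
        if (next <= port)
            return n;
        port = next;
        n++;
    }
}

int main(void)
{
    /* Constructed tick values, not measurements from a real board. */
    printf("posted, ticks=0x0010: 0xC123 -> 0x%04X\n", (unsigned) next_port_posted(0xC123, 0x0010, 0));
    printf("fixed,  ticks=0x0010: 0xC123 -> 0x%04X\n", (unsigned) next_port_fixed(0xC123, 0x0010, 0));
    printf("fixed,  wrap at top:  0xFFFE -> 0x%04X\n", (unsigned) next_port_fixed(0xFFFE, 0x0003, 0));
    printf("steps before wrap, step 15: %u\n", steps_before_wrap(0xC000, 0x000F));
    printf("steps before wrap, step 1:  %u\n", steps_before_wrap(0xC000, 0x0010));
    return 0;
}
```

At the largest step of 15 the sequence covers 1092 follow-up connections before wrapping, which matches the "more than 1000 connections" estimate in the message.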