Hi,

On Sun, Feb 28, 2010 at 02:44:14PM +0100, David Sommerseth wrote:
> I am running a multihomed host where 'local <extip>' must be specified
> for proper operation. Unfortunately, this implies 'lport 1194' or
> another static port.
>
> This causes problems with stateful firewalls which register the host/port
> pairs in the internal connection tracking table. On ungraceful reconnects,
> the new TCP connection will have the same host/port pairs but unexpected
> sequence numbers. The new connection will be assumed as invalid hence and
> be dropped.
>
> It would be nice when local port can be configured to be bound to a
> random port number. After reading code,

I have not found a reference anywhere that documents that bind() can be used with port=0 to tell the system "bind to the IP address, but still use a random port".

It seems to work though, and the code elsewhere does not seem to make any assumptions about "port != 0" (it is effectively just passed to bind(), and if bind() doesn't like it, an error exit occurs).

Since it fixes a real-world problem, there is obvious need for it. -> ACK.

gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
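
The behaviour discussed in this message, as an added example that is not part of the original mail or of the OpenVPN source: a small C program that binds a TCP socket to one fixed local address with port 0 and reads back the port the kernel assigned using getsockname(). The function name `bind_fixed_ip_any_port` and the use of 127.0.0.1 in place of `<extip>` are assumptions made for illustration.

```c
/* Added example (not OpenVPN code): bind a TCP socket to a fixed local
 * address with port 0 and read back the port the kernel assigned. */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Binds a new TCP socket to local_ip with sin_port = 0.
 * Returns the socket fd (>= 0) and stores the assigned port in *port,
 * or returns -1 on error. Hypothetical helper name. */
int bind_fixed_ip_any_port(const char *local_ip, unsigned short *port)
{
    struct sockaddr_in sa;
    socklen_t len = sizeof(sa);
    int fd;

    memset(&sa, 0, sizeof(sa));
    sa.sin_family = AF_INET;
    sa.sin_port = htons(0);               /* 0 = let the kernel choose */
    if (inet_pton(AF_INET, local_ip, &sa.sin_addr) != 1)
        return -1;                        /* not a valid IPv4 literal */

    fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;

    if (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0 ||
        getsockname(fd, (struct sockaddr *)&sa, &len) < 0) {
        close(fd);
        return -1;
    }
    *port = ntohs(sa.sin_port);           /* port actually in use */
    return fd;
}

int main(void)
{
    unsigned short p1 = 0, p2 = 0;
    /* 127.0.0.1 stands in for the <extip> of the multihomed host. */
    int a = bind_fixed_ip_any_port("127.0.0.1", &p1);
    int b = bind_fixed_ip_any_port("127.0.0.1", &p2);
    if (a < 0 || b < 0) { perror("bind"); return 1; }
    printf("socket 1: 127.0.0.1:%u\nsocket 2: 127.0.0.1:%u\n", p1, p2);
    close(a); close(b);
    return 0;
}
```

Two sockets that are open at the same time get different local ports while staying bound to the same address, so the host/port pair seen by a stateful firewall is no longer fixed by the `local` setting.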