
RE: Guidance needed on well known ports



I would note that starting dynamic ports above 1024 or even above 4096 is not sufficient. There are already services with assigned ports higher than that. And it keeps growing. The IANA list of well-known ports is quite long.

If we could go back and start over, something like dynamic DNS and SRV records would get us out of the mess. But that is not a viable choice.

Yes, whenever possible one starts services before applications which grab dynamic port numbers. Unfortunately, that sometimes does not work.

All that aside, the IANA has a distinction (based on history) between ports below 1024 and those above. And when asking for a port number assignment, one specifies which range one wants. I at least cannot find a coherent strategy for what should be on one side or the other of that boundary.

Yours,
Joel

At 03:41 PM 3/18/2006, Christian Huitema wrote:
> A more interesting question is this: what are the odds that a user
> process will accidentally grab the port number before the system
> process gets to it?  The notion of a "privileged" port number is
> certainly preposterous; that said, putting services in a range that
> ordinary applications tend not to use has its merits.

There are two issues there, accidental collision between a dynamic port
and a service port, and "voluntary" collision between applications
trying to open the same port.

The practical solutions to the first problem are to start services and
grab ports as part of the boot sequence, i.e. before user processes
start, and start dynamic allocations at some high number (e.g. larger
than 1024 or larger than 4096 or some admin defined value depending on
system version and configuration). If there is a reserved range, then it
is easy to start dynamic allocation outside the range.

Starting services quickly also helps with the "voluntary collisions"
between system services and applications, but is not foolproof. In any
case, it does not help with collisions between applications, e.g. two
applications trying to use the same port. What does help there is an
easily accessible registration system, so application developers can
easily "do the right thing", i.e. reserve a port and avoid collisions.
Note the emphasis on "easily accessible": if there are too many hoops to
jump through, the developers will likely just pick a number at random.

-- Christian Huitema


_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf


--
archive: <http://ops.ietf.org/lists/netconf/>
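
An added example, not part of the thread: a check of which registered service ports fall inside a dynamic allocation range that starts at 1024 or at 4096, the two starting points mentioned above. The service list is a constructed sample in /etc/services format (the `exampled` entries are hypothetical), and the comma-separated output format is the one accepted by the Linux `net.ipv4.ip_local_reserved_ports` sysctl, which is an assumption about the target system.

```python
import re

# Constructed sample in /etc/services format (not taken from the thread).
SAMPLE_SERVICES = """\
ssh         22/tcp
https       443/tcp
nfs         2049/tcp
mysql       3306/tcp
postgresql  5432/tcp
x11         6000/tcp    # trailing comments are ignored
exampled    49200/tcp   # hypothetical local service
exampled    49201/tcp
"""

LINE = re.compile(r"^(\S+)\s+(\d+)/(tcp|udp)\b")

def parse_services(text):
    """Return {port: name} for every 'name port/proto' line."""
    ports = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        m = LINE.match(line)
        if m:
            ports.setdefault(int(m.group(2)), m.group(1))
    return ports

def collisions(ports, dyn_start, dyn_end=65535):
    """Service ports that a dynamic allocator using this range could hand out."""
    return sorted(p for p in ports if dyn_start <= p <= dyn_end)

def to_ranges(sorted_ports):
    """Collapse sorted ports into 'a,b-c' form for a reserved-ports setting."""
    runs = []
    for p in sorted_ports:
        if runs and p == runs[-1][1] + 1:
            runs[-1][1] = p          # extend the current run
        else:
            runs.append([p, p])      # start a new run
    return ",".join(str(a) if a == b else f"{a}-{b}" for a, b in runs)

if __name__ == "__main__":
    ports = parse_services(SAMPLE_SERVICES)
    for start in (1024, 4096):
        hit = collisions(ports, start)
        print(f"dynamic range {start}-65535: {len(hit)} service ports inside")
        print("  reserve:", to_ranges(hit))
```

Raising the start of the range removes some overlaps but not all of them, so the remaining ports have to be excluded from dynamic allocation explicitly or bound before user processes start.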