Thank you for your response.

I have more than 2Gbits (all tcp and udp via tproxy) on my networks, with more than 20k different active ips.

I am not using the same ip twice (local_addr.sin_addr.s_addr++;).

Then I expected tproxy doesn't mix the bind, and treats them like different interfaces.

And my sample code, I think, proves it.

-----Original Message-----
From: KOVACS Krisztian [mailto:hidden@sch.bme.hu]
Sent: Wednesday, May 06, 2009 6:43 PM
To: elyasaf
Cc: tproxy@lists.balabit.hu
Subject: Re: [tproxy] tproxy bind failed - limit of TPROXY bind

Hi,

On Wed, May 06, 2009 at 02:41:38 +0300, elyasaf wrote:
The result:
bind - error: Address already in use
bind for the 28223 socket (fd=28226) failed
ipport - 63.110.0.208:0
Why this low limit? Can I configure something to bypass it? If not, is there a chance to fix this bug?

I don't think this has anything to do with tproxy. Each and every bind requires a free port -- so the 100000 iterations you're doing in your test are *never* gonna work. Furthermore, automatically selected ports are selected from a limited subset of ports, which is tunable with a sysctl setting.

http://href.hu/x/8y75

As you can see, the default setting for the local port range is 32768 - 61000, so I'm fairly sure this is the limit you're reaching. But again, I doubt this has anything to do with tproxy. I suggest consulting a good introductory book on TCP/IP and Linux networking.

-- 
KOVACS Krisztian
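
The local port range limit described in the reply can be measured directly. The following is an added example, not code from the thread or from tproxy: it parses the `net.ipv4.ip_local_port_range` value and counts how many port-0 binds succeed. It assumes plain TCP sockets on a single loopback address rather than the poster's tproxy setup, and the function names are hypothetical.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
/* Parse the "low high" text of net.ipv4.ip_local_port_range.
 * Returns the number of ports in the range, or -1 on malformed input. */
long ephemeral_range_size(const char *text) {
    int lo, hi;
    if (sscanf(text, "%d %d", &lo, &hi) != 2) return -1;
    if (lo < 1 || hi > 65535 || lo > hi) return -1;
    return (long)hi - lo + 1;
}
/* Bind up to `want` TCP sockets to 127.0.0.1:0 and return how many got a port.
 * Stops at the first failure; *err receives errno (0 if all succeeded).
 * Sockets stay open until the end so their ports stay taken. */
long count_auto_binds(long want, int *err) {
    static int fds[70000];
    long n = 0;
    *err = 0;
    if (want > 70000) want = 70000;
    for (; n < want; n++) {
        struct sockaddr_in a;
        memset(&a, 0, sizeof a);
        a.sin_family = AF_INET;
        a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
        a.sin_port = 0;                       /* kernel picks the port */
        fds[n] = socket(AF_INET, SOCK_STREAM, 0);
        if (fds[n] < 0) { *err = errno; break; }
        if (bind(fds[n], (struct sockaddr *)&a, sizeof a) < 0) {
            *err = errno; close(fds[n]); break;
        }
    }
    for (long i = 0; i < n; i++) close(fds[i]);
    return n;
}

int main(void) {
    char buf[64] = "32768 61000";             /* default quoted in the thread */
    FILE *f = fopen("/proc/sys/net/ipv4/ip_local_port_range", "r");
    if (f) { if (!fgets(buf, sizeof buf, f)) buf[0] = 0; fclose(f); }
    int err;
    long got = count_auto_binds(100000, &err);
    printf("range size %ld, auto-binds %ld, stopped: %s\n",
           ephemeral_range_size(buf), got, err ? strerror(err) : "none");
    return 0;
}
```

With the default range the size is 28233 ports, close to the 28223rd socket at which the poster's bind failed. The loop stops with "Too many open files" first unless the per-process descriptor limit (`ulimit -n`) is raised above the range size.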