[tproxy] tproxy bind failed - limit of TPROXY bind

elyasaf elyasaf at icomsw.com
Wed May 6 19:35:19 CEST 2009


Thank you for your response

I have more than 2Gbits (all TCP and UDP via tproxy) on my networks, with
more than 20k different active IPs.

I am not using the same IP twice
 (local_addr.sin_addr.s_addr++;)
Then I expected tproxy not to mix the binds, and to treat them like different
interfaces.
And my sample code, I think, proves it.


-----Original Message-----
From: KOVACS Krisztian [mailto:hidden at sch.bme.hu] 
Sent: Wednesday, May 06, 2009 6:43 PM
To: elyasaf
Cc: tproxy at lists.balabit.hu
Subject: Re: [tproxy] tproxy bind failed - limit of TPROXY bind

Hi,

On Wed, May 06, 2009 at 02:41:38 +0300, elyasaf wrote:
> The result:
> 
> bind - error: Address already in use
> 
> bind for the 28223 socket (fd=28226) failed
> 
> ipport - 63.110.0.208:0
> 
> Why this low limit? Can I configure something to bypass it? If not, is there a
> chance to fix this bug?

I don't think this has anything to do with tproxy.

Each and every bind requires a free port -- so the 100000 iterations
you're doing in your test are *never* gonna work.

Furthermore, automatically selected ports are selected from a limited
subset of ports, which is tunable with a sysctl setting.

http://href.hu/x/8y75

As you can see, the default setting for the local port range is 32768 -
61000, so I'm fairly sure this is the limit you're reaching.

But again, I doubt this has anything to do with tproxy. I suggest
consulting a good introductory book on TCP/IP and Linux networking.

-- 
KOVACS Krisztian
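
An added example, not part of the original thread or of the poster's test program: it reads the net.ipv4.ip_local_port_range sysctl that the reply refers to and counts the ports available to port-0 binds. The default range quoted above holds 28233 ports, close to the 28223rd socket at which the quoted bind failed. The function names and the loopback address are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* Parse the "low high" text of net.ipv4.ip_local_port_range.
 * Returns the number of ports in the range, or -1 if malformed. */
int port_range_size(const char *text, int *low, int *high)
{
    if (sscanf(text, "%d %d", low, high) != 2) return -1;
    if (*low < 1 || *high > 65535 || *low > *high) return -1;
    return *high - *low + 1;
}

/* Bind one TCP socket to addr:0 and report the kernel-chosen port.
 * Returns the fd (keep it open to hold the port), or -1 on error. */
int bind_auto(const char *addr, int *port_out)
{
    struct sockaddr_in sa;
    socklen_t len = sizeof sa;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_port = 0;                     /* 0 = let the kernel pick a port */
    if (inet_pton(AF_INET, addr, &sa.sin_addr) != 1 ||
        bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0 ||
        getsockname(fd, (struct sockaddr *)&sa, &len) < 0) {
        close(fd);
        return -1;
    }
    *port_out = ntohs(sa.sin_port);
    return fd;
}

int main(void)
{
    char buf[64] = "32768 61000";        /* default quoted in the reply, used as fallback */
    int low = 0, high = 0, port = 0, fd;
    FILE *f = fopen("/proc/sys/net/ipv4/ip_local_port_range", "r");
    if (f) { if (!fgets(buf, sizeof buf, f)) strcpy(buf, "32768 61000"); fclose(f); }
    printf("port-0 binds available: %d\n", port_range_size(buf, &low, &high));
    fd = bind_auto("127.0.0.1", &port);  /* loopback address is an assumption */
    if (fd >= 0) { printf("kernel chose port %d (range %d-%d)\n", port, low, high); close(fd); }
    return 0;
}
```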


