[tproxy] tproxy bind failed - limit of TPROXY bind
elyasaf at icomsw.com
Wed May 6 19:35:19 CEST 2009
Thank you for your response
I have more than 2Gbits (all tcp and udp via tproxy) on my networks, with
more than 20k different active ips
I am not using the same ip twice
Than I expected tproxy dont mix the bind, and treat them like different
And my sample code, I think approve it
From: KOVACS Krisztian [mailto:hidden at sch.bme.hu]
Sent: Wednesday, May 06, 2009 6:43 PM
Cc: tproxy at lists.balabit.hu
Subject: Re: [tproxy] tproxy bind failed - limit of TPROXY bind
On sze, máj 06, 2009 at 02:41:38 +0300, elyasaf wrote:
> The result:
> bind - error: Address already in use
> bind for the 28223 socket (fd=28226) failed
> ipport - 188.8.131.52:0
> Why this low limit? Can I configure something to by-pass it? If not, have
> chance to fix this bug?
I don't think this has anything to do with tproxy.
Each and every bind requires a free port -- so the 100000 iterations
you're doing in your test will *never* gonna work.
Furthermore, automatically selected ports are selected from a limited
subset of ports, which is tunable with a sysctl setting.
As you can see, the default setting for the local port range is 32768 -
61000, so I'm fairly sure this is the limit you're reaching.
But again, I doubt this has anything to do with tproxy. I suggest
consulting a good introductory book on TCP/IP and Linux networking.
More information about the tproxy