How are source ports determined and how can I force it to use a specific port
How are local ports determined
The port number is chosen by the TCP implementation software from a range of port numbers called Ephemeral Ports.
The exact mechanism for choosing the port number and the range to be used is Operating System dependent.
Is there a way of forcing it to be 63999.
This can be done by changing the configuration of the TCP implementation software.
Instructions on configuring the Ephemeral Ports range for a variety of different Operating Systems can be found at Changing the Ephemeral Port Range. Instructions for Linux and Windows are included in this answer below for reference.
However, it is not a good idea to restrict the range to a single port, for example 63999. In fact, on Windows this is not possible, as:
The minimum range of ports that can be set is 255.
The Ephemeral Port Range
A TCP/IPv4 connection consists of two endpoints, and each endpoint consists of an IP address and a port number. Therefore, when a client user connects to a server computer, an established connection can be thought of as the 4-tuple of (server IP, server port, client IP, client port).
Usually three of the four are readily known -- the client machine uses its own IP address, and when connecting to a remote service, the server machine's IP address and service port number are required.
What is not immediately evident is that when a connection is established, the client side of the connection uses a port number. Unless a client program explicitly requests a specific port number, the port number used is an ephemeral port number.
Ephemeral ports are temporary ports assigned by a machine's IP stack, and are assigned from a designated range of ports for this purpose. When the connection terminates, the ephemeral port is available for reuse, although most IP stacks won't reuse that port number until the entire pool of ephemeral ports has been used.
So, if the client program reconnects, it will be assigned a different ephemeral port number for its side of the new connection.
Source: The Ephemeral Port Range
Changing the Ephemeral Port Range
Linux:
Linux allows you to view and change the ephemeral port range by simply using the file /proc/sys/net/ipv4/ip_local_port_range. For example, this shows the default configuration on a kernel 2.2 system:
$ cat /proc/sys/net/ipv4/ip_local_port_range
1024 4999
To change this to the preferred range, you could do (as superuser):
# echo "49152 65535" > /proc/sys/net/ipv4/ip_local_port_range
Note that you would need to do this each time the system boots, so be sure to add a line to a system startup script such as /etc/rc.local so your range is always used. Also note that the Linux 2.4 kernel will default to the range of 32768 through 61000 if adequate kernel memory is available, so changing the range may not be necessary on newer Linux systems.
Finally, also note that you may be able to use the sysctl interface to change the settings rather than using the /proc filesystem. The name of the sysctl parameter is "net.ipv4.ip_local_port_range". Edit the /etc/sysctl.conf file if you have it, or have a startup script run the sysctl command manually if you want to change this parameter using sysctl.
Windows Vista/Windows Server 2008 and newer:
As of Windows Vista and Windows Server 2008, Windows now uses a large range (49152-65535) by default, according to Microsoft Knowledgebase Article 929851. That same article also shows how you can change the range if desired, but the default range is now sufficient for most servers.
Source: Changing the Ephemeral Port Range
You can view the dynamic port range on a computer that is running Windows Vista or Windows Server 2008 by using the following netsh commands:
netsh int ipv4 show dynamicport tcp
netsh int ipv4 show dynamicport udp
netsh int ipv6 show dynamicport tcp
netsh int ipv6 show dynamicport udp
Notes:
- The range is set separately for each transport and for each version of IP.
- The port range is now truly a range with a starting point and with an endpoint.
- Microsoft customers who deploy servers that are running Windows Server 2008 may have problems with RPC communication between servers if firewalls are used on the internal network.
- In these cases, we recommend that you reconfigure the firewalls to allow for traffic between servers in the dynamic port range of 49152 through 65535.
- This range is in addition to well-known ports that are used by services and by applications.
- Or, the port range that is used by the servers can be modified on each server.
You adjust this range by using the netsh command, as follows:
netsh int <ipv4|ipv6> set dynamicport <tcp|udp> start=number num=range
This command sets the dynamic port range for TCP. The start port is number, and the total number of ports is range. The following are sample commands:
netsh int ipv4 set dynamicport tcp start=10000 num=1000
netsh int ipv4 set dynamicport udp start=10000 num=1000
netsh int ipv6 set dynamicport tcp start=10000 num=1000
netsh int ipv6 set dynamicport udp start=10000 num=1000
These sample commands set the dynamic port range to start at port 10000 and to end at port 10999 (1000 ports).
Notes:
- The minimum range of ports that can be set is 255.
- The minimum starting port that can be set is 1025.
- The maximum end port (based on the range being configured) cannot exceed 65535.
- To duplicate the default behavior of Windows Server 2003, use 1025 as the start port, and then use 3976 as the range for both TCP and UDP. This results in a start port of 1025 and an end port of 5000.
Source: Microsoft Knowledgebase Article 929851
Windows XP and older:
For older Windows operating systems (Windows XP and older), Windows uses the traditional BSD range of 1024 through 4999 for its ephemeral port range. Unfortunately, it appears that you can only set the upper bound of the ephemeral port range. Here is information excerpted from Microsoft Knowledgebase Article 196271:
- Start Registry Editor (Regedt32.exe).
- Locate the following key in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
- On the "Edit" menu, click "Add Value", and then add the following registry value:
Value Name: MaxUserPort
Data Type: REG_DWORD
Value: 65534 (for example)
Valid Range: 5000-65534 (decimal)
Default: 0x1388 (5000 decimal)
Description: This parameter controls the maximum port number used when an application requests any available user port from the system. Normally, ephemeral (that is, short-lived) ports are allocated between the values of 1024 and 5000 inclusive.
- Quit Registry Editor.
Note: There is another relevant KB article (812873) which claims to allow you to set an exclusion range, which could mean that you could exclude ports 1024-9999 (for example) to have the ephemeral port range be 10000-65534. However, we have not been able to get this to work (as of October 2004).
Source: Changing the Ephemeral Port Range
David Postill's answer is perfectly right. I would like just to add to it, by stressing that changing the ephemeral port range in Linux is so simple that the OP has an affirmative answer.
You change the EPR as follows:
echo "40000 60000" > /proc/sys/net/ipv4/ip_local_port_range
and you can select port 50000 (as an example) with the following script:
OLD_RANGE=$(cat /proc/sys/net/ipv4/ip_local_port_range)
MY_PORT=50000
echo "$MY_PORT $MY_PORT" > /proc/sys/net/ipv4/ip_local_port_range
sudo -u SomeUser SomeApplication &
echo "$OLD_RANGE" > /proc/sys/net/ipv4/ip_local_port_range
One caveat here: since there is a single port in the range, another application might snatch it away from you between the execution of the third and the fourth lines above; also, even if there is no race condition, you will paralyze all other applications until you restore a large EPR, which is why I restored the original range as soon as possible.
Thus, if the OP's operating system had been Linux, the answer would have been that it could easily be done.
Amazingly, this is not as straightforward on BSDs, some of which do not even have a runtime kernel setting for the EPR. MacOS X, FreeBSD and OpenBSD require modifying the file /etc/sysctl.conf, but they have different choices for the EPR.
Regardless of the above and of the OS, the fact that something can be done does not mean it ought to be done: why on Earth do you need this? I cannot think of a single use case.
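The first answer notes that a client program can explicitly request a specific port instead of taking an ephemeral one, and the answer above shows the alternative of shrinking the ephemeral range to one port, with the caveat that this paralyzes every other application on the host. The following is an added example (not code from either answer) showing the first approach in Python: a client calls bind() on its chosen source port before connect(), so the ephemeral range is never consulted and nothing else on the machine is affected. It also parses the ip_local_port_range format to show that 63999 lies outside the default range and so would never be handed out automatically. The helper names, the loopback echo server and the sample range contents are this example's own constructions.

```python
"""Use a caller-chosen TCP source port without touching ip_local_port_range.

Added example. Assumptions: the range-file parsing helper expects the Linux
format (two integers separated by whitespace); the socket part only needs a
working loopback interface, as the example starts its own echo server.
"""
import socket
import threading


def parse_local_port_range(text: str) -> tuple[int, int]:
    """Parse the contents of /proc/sys/net/ipv4/ip_local_port_range."""
    low, high = (int(tok) for tok in text.split())
    if not (1 <= low <= high <= 65535):
        raise ValueError(f"invalid ephemeral range {low}-{high}")
    return low, high


def is_ephemeral(port: int, port_range: tuple[int, int]) -> bool:
    """True if the kernel could hand out `port` as an automatic source port."""
    low, high = port_range
    return low <= port <= high


def connect_from_port(server_addr: tuple[str, int], source_port: int) -> int:
    """Connect to server_addr from an explicitly requested source port.

    bind() before connect() is the 'explicit request' the first answer refers
    to; the ephemeral range is bypassed entirely. Returns the local port the
    kernel actually assigned, which must equal source_port.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(5)
        # SO_REUSEADDR lets the port be rebound while an earlier connection
        # from it is still in TIME_WAIT; without it a quick reconnect fails.
        s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        s.bind(("127.0.0.1", source_port))
        s.connect(server_addr)
        local_port = s.getsockname()[1]
        s.sendall(b"ping")
        s.recv(16)  # wait for the echo so the server has seen our 4-tuple
        return local_port


def run_loopback_server() -> tuple[socket.socket, tuple[str, int]]:
    """Start a one-shot loopback echo server on an OS-chosen (ephemeral) port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))  # port 0: let the kernel pick from the range
    srv.listen(1)

    def serve_one() -> None:
        conn, _ = srv.accept()
        with conn:
            conn.sendall(conn.recv(16))

    threading.Thread(target=serve_one, daemon=True).start()
    return srv, srv.getsockname()


def demo(source_port: int = 63999) -> int:
    """Spin up the echo server, connect from source_port, return the port used."""
    srv, addr = run_loopback_server()
    try:
        return connect_from_port(addr, source_port)
    finally:
        srv.close()


if __name__ == "__main__":
    # Constructed sample of what `cat /proc/sys/net/ipv4/ip_local_port_range`
    # prints on a current Linux kernel (not captured from a real system).
    sample = "32768\t60999\n"
    rng = parse_local_port_range(sample)
    print("ephemeral range:", rng, "- contains 63999:", is_ephemeral(63999, rng))
    print("connected from local port", demo(63999))
```

The important difference from the shell script above is scope: bind() pins the source port for this one socket only, so there is no window in which other programs are starved of ports and nothing to restore afterwards. The same bind-then-connect pattern is available from C and from every other socket API.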
It's worth adding that the Linux kernel also has a net.ipv4.ip_local_reserved_ports knob that does somewhat the opposite, but nevertheless it might be very useful because that way you can "punch a hole" for services that open specific port(s) in the otherwise ephemeral range of ports.
Brief excerpt from the docs:
Specify the ports which are reserved for known third-party applications. These ports will not be used by automatic port assignments (e.g. when calling connect() or bind() with port number 0). Explicit port allocation behavior is unchanged.
The format used for both input and output is a comma separated list of ranges (e.g. "1,2-4,10-10" for ports 1, 2, 3, 4 and 10). Writing to the file will clear all previously reserved ports and update the current list with the one given in the input.
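The excerpt specifies the list format but not how to work with it safely. Because a write replaces the whole list rather than appending, adding one reservation means reading the current value, merging, and writing everything back. The following added example (not from the answer or the kernel documentation) parses and re-emits that format and merges a new reservation into an existing list; the function names and sample values are this example's own, and the "automatic assignment" check combines the reserved list with an ephemeral range exactly as the kernel docs describe (reserved ports are skipped, explicitly bound ports are unaffected).

```python
"""Parse, merge and emit the ip_local_reserved_ports list format.

Added example. The format ("1,2-4,10-10": comma-separated single ports and
inclusive ranges) is as the kernel docs excerpt describes; everything else
here is this example's own convention.
"""
from typing import Iterable


def parse_reserved_ports(spec: str) -> set[int]:
    """Expand "1,2-4,10-10" into {1, 2, 3, 4, 10}; an empty string is an empty set."""
    ports: set[int] = set()
    for item in spec.strip().split(","):
        item = item.strip()
        if not item:
            continue
        lo, _, hi = item.partition("-")
        lo_p = int(lo)
        hi_p = int(hi) if hi else lo_p
        if not (0 <= lo_p <= hi_p <= 65535):
            raise ValueError(f"bad port range {item!r}")
        ports.update(range(lo_p, hi_p + 1))
    return ports


def format_reserved_ports(ports: Iterable[int]) -> str:
    """Collapse a set of ports into the compact range list the kernel accepts."""
    runs: list[str] = []
    start = end = None
    for p in sorted(set(ports)):
        if start is None:
            start = end = p
        elif p == end + 1:
            end = p
        else:
            runs.append(f"{start}-{end}" if end > start else str(start))
            start = end = p
    if start is not None:
        runs.append(f"{start}-{end}" if end > start else str(start))
    return ",".join(runs)


def add_reservations(current_spec: str, new_ports: Iterable[int]) -> str:
    """Return the list to write back so that new_ports are reserved in addition
    to whatever is already in current_spec (a plain write would discard it)."""
    merged = parse_reserved_ports(current_spec) | set(new_ports)
    return format_reserved_ports(merged)


def auto_assignable(port: int, ephemeral_range: tuple[int, int], reserved_spec: str) -> bool:
    """Could connect()/bind() with port 0 ever pick `port`?

    Automatic assignment draws from the ephemeral range and skips reserved
    ports. An explicit bind() to a reserved port still works, which is the
    'punch a hole' use the answer describes.
    """
    low, high = ephemeral_range
    return low <= port <= high and port not in parse_reserved_ports(reserved_spec)


if __name__ == "__main__":
    # Constructed values, not read from a real system.
    current = "1,2-4,10-10"
    print(sorted(parse_reserved_ports(current)))
    print(add_reservations(current, [5, 11, 50000]))
    print(auto_assignable(50000, (32768, 60999), add_reservations(current, [50000])))
```

A typical deployment flow would read the current list from /proc/sys/net/ipv4/ip_local_reserved_ports, call add_reservations() with the service's listening port, and write the result back (or set it via sysctl so it survives reboots); the round trip through format_reserved_ports() is what keeps existing reservations from being silently dropped.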