Where is the documentation that states TCP and UDP source port should be over 1024 and random?
I am having a hard time finding where it is documented that the source port should be random and in the range 1024-65535.
In which RFC is this documented?
Edit:
The first reference to privileged ports is in RFC2623.
It seems that this depends more on the TCP/IP implementation and it is a de facto standard.
IANA assigns the port numbers (RFC1700).
Solution 1:
You are probably looking for RFC 6056 - Recommendations for Transport-Protocol Port Randomization ("Best Current Practice").
Technically there is no requirement that the ephemeral port be >1024 or random (you could build a system that always initiates connections from port 12 because you like the number 12), it's just not "normal" to do so (and an awful idea for a bunch of reasons, some of which are described in that RFC).
Solution 2:
RFC 6335 explains this:
Ports in the Dynamic Ports range (49152-65535) have been specifically set aside for local and dynamic use and cannot be assigned through IANA. Application software may simply use any dynamic port that is available on the local host, without any sort of assignment. On the other hand, application software MUST NOT assume that a specific port number in the Dynamic Ports range will always be available for communication at all times, and a port number in that range hence MUST NOT be used as a service identifier.
The reserved ports:
Ports in the User Ports range (1024-49151) are available for assignment through IANA, and MAY be used as service identifiers upon successful assignment.
Ports in the System Ports range (0-1023) are also available for assignment through IANA. Because the System Ports range is both the smallest and the most densely assigned, the requirements for new assignments are more strict than those for the User Ports range, and will only be granted under the "IETF Review" or "IESG Approval" procedures [RFC5226].
The introduction explains the confusion:
For many years, the assignment of new service names and port number values for use with the Transmission Control Protocol (TCP) [RFC0793] and the User Datagram Protocol (UDP) [RFC0768] has had less than clear guidelines.
It seems that Windows XP is not following RFC6335, but Solaris 10 does.
Solution 3:
What voretaq7 said along with this, but being pedantic, there is a technical requirement. Historically, daemons/servers in *nix run on ports < 1024 (calling them system ports), thus in order to avoid conflict, source ports (User ports) are > 1024 (or to be precise 1024 - 49151). However, that is not always the case, as you say, and it depends on the implementation. All in all, the above link gives a list of RFCs, but probably the most specific one is RFC5226, which describes the "Expert Review" process of IANA.
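To check what a particular host actually does, the following added example (not part of any answer above) classifies observed source ports into the three RFC 6335 ranges quoted in Solution 2 and measures how often consecutive ports differ by exactly one, which separates incremental allocation from the randomization RFC 6056 recommends. The function names are hypothetical, and binding to port 0 on loopback is assumed to approximate the port an outbound connection would get; some stacks select differently for connect().

```python
import socket
from collections import Counter

# Range boundaries as quoted from RFC 6335 in Solution 2.
RANGES = (("system", 0, 1023), ("user", 1024, 49151), ("dynamic", 49152, 65535))

def classify_port(port):
    """Return the RFC 6335 range name ('system', 'user', 'dynamic') for a port."""
    if not 0 <= port <= 65535:
        raise ValueError(f"not a 16-bit port number: {port}")
    for name, low, high in RANGES:
        if low <= port <= high:
            return name

def summarize(ports):
    """Summarize observed source ports, in the order they were handed out."""
    ports = list(ports)
    if not ports:
        raise ValueError("no ports observed")
    counts = Counter(classify_port(p) for p in ports)
    # Incremental allocation shows up as mostly +1 steps between consecutive
    # ports; a randomizing stack shows almost none.
    steps = sum(1 for a, b in zip(ports, ports[1:]) if b - a == 1)
    return {
        "ranges": dict(counts),
        "min": min(ports),
        "max": max(ports),
        "sequential_steps": steps,
        "sequential_ratio": steps / max(len(ports) - 1, 1),
    }

def sample_local_ephemeral_ports(n=50):
    """Ask the local stack for n ephemeral TCP ports (bind to port 0, loopback only)."""
    ports = []
    for _ in range(n):
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.bind(("127.0.0.1", 0))  # port 0 = let the OS choose
            ports.append(s.getsockname()[1])
    return ports

if __name__ == "__main__":
    # Live measurement of this host; no traffic leaves the machine.
    print(summarize(sample_local_ephemeral_ports()))
```

A host whose summary shows ports outside the "dynamic" range is using a wider ephemeral range than RFC 6335 sets aside, which is the implementation difference the answers describe.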