[lwip-devel] [bug #33048] Bad range for IP source port numbers (ephemeral ports)

[Gustaf Ullberg]

URL:
  <http://savannah.nongnu.org/bugs/?33048>

                 Summary: Bad range for IP source port numbers (ephemeral
ports)
                 Project: lwIP - A Lightweight TCP/IP stack
            Submitted by: ullb
            Submitted on: Mon Apr 11 13:56:56 2011
                Category: IPv4
                Severity: 3 - Normal
              Item Group: Change Request
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any
         Planned Release: 
            lwIP version: CVS Head

    _______________________________________________________

Details:

The ranges of the source ports for TCP and UDP lie in the IANA Registered
ports range. According to IANA, this range SHOULD NOT be used. Additionally,
some firewalls drop packets in this range.

Instead, the IANA recommends 49152 to 65535 as "dynamic and/or private
ports".

I suggest that the macros in udp.c and tcp.c are modified:
UDP_LOCAL_PORT_RANGE_START 0xc000 // 49152
UDP_LOCAL_PORT_RANGE_END   0xffff // 65535
TCP_LOCAL_PORT_RANGE_START 0xc000 // 49152
TCP_LOCAL_PORT_RANGE_END   0xffff // 65535

According to the Wikipedia article on "Ephemeral port", most operating systems
are moving to this range. FreeBSD and Windows use this range, Linux uses a
similar one (32768 to 61000).

To conform to IANA rules and to avoid problems with firewalls, I think we
should change the range in lwip.

References:
Mailing-list thread:
http://lists.nongnu.org/archive/html/lwip-devel/2011-04/msg00004.html
Wikipedia article: http://en.wikipedia.org/wiki/Ephemeral_ports
IANA port numbers: http://www.iana.org/assignments/port-numbers

/Gustaf 




    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?33048>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.nongnu.org/