[openib-general] Re: Re: port_num
Michael S. Tsirkin
mst at mellanox.co.il
Wed Mar 15 18:00:38 PST 2006
Quoting r. Tom Tucker <tom at opengridcomputing.com>:
> Subject: RE: Re: port_num
>
> BTW, I don't have any conclusion to all this, but I have a use case we
> should be aware of....
>
> The TCP port space is divided into 'trusted' and 'untrusted' ranges.
> Some applications (NFS) look at the source port on an incoming connect
> request and check if it is in the 'trusted' range. If it is not, the
> connection is denied. So basically, ULP are going to want to be able to
> reserve and specify port numbers...and this policy needs to be
> coordinated...
With AF_INET, there's a pair of values sysctl_local_port_range
which sets the range of ports allocated to sockets.
The lowest legal value for the range is 1024: the port numbers below 1024
are AFAIK called reserved ports, I think this is what you refer to:
only users with CAP_NET_BIND_SERVICE can bind them.
Since all CMA addresses are AF_INET, we can just code this into CMA.
--
Michael S. Tsirkin
Staff Engineer, Mellanox Technologies
More information about the general
mailing list