[HPADM] SUMMARY: Reserving tcp/ip ports

From: O'Donovan, Kevin (Kevin.O'Donovan@acs-inc.com)
Date: Fri Feb 13 2004 - 12:43:41 EST


Thanks to the guys who replied - Chris Medaglia, Rick Jones, Corne Beerse
and Bill Hassell. Here's the lowdown:

 

There doesn't appear to be a way of reserving network ports, unless you
make your application a 'client' of inetd, like ftpd/telnetd/etc.:

"Instead of writing your own daemon, you might simply have things coded so
they can run as a child of inetd. Inetd starts rather early in the boot
process and so is a good fit for "first come, first served"

"(see http://www.sourcecodecorner.com/articles/vnc/linux.asp for an
example on how vnc is hooked into inetd.)"

 

Adding to /etc/services does not reserve the ports, although I would suggest
if you use particular ports consistently add them in there as a 'flag' to
let other users know you are using those ports. Better than nothing!

"The /etc/services file is documentation. It does not reserve a port. Some
programs will refer to the port by service name so if it is not listed, the
program will abort."

 

 

The way to go with this issue is to watch what ports you use:

"look at a netstat output to see what ports are being used while the machine
is busy, and pick a set of ports that are far away from the others. Also,
have a look at this:

 

http://www.iana.org/assignments/port-numbers

 

This explains the well-known, registered, and dynamic/private ports concept.
If you stay between 49152 and 65535, chances are, you're safe. Most of the
registered ports are not likely to be used on your system, so if you want a
lower number for an internal app, you shouldn't have a problem if you just
avoid the ones on your particular systems."

 

"Also, if you select a port number above tcp_smallest_nonpriv_port and below
tcp_smallest_anon_port (I think those are the ndd settings) you can be
reasonably sure that plain random applications that don't select specific
port numbers will not get the port number(s) you want to use."

 

Thanks,

Kevin.

 

-----Original Message-----
From: hpux-admin-owner@DutchWorks.nl [mailto:hpux-admin-owner@DutchWorks.nl]
On Behalf Of O'Donovan, Kevin
Sent: 12 February 2004 16:29
To: hpux-admin@DutchWorks.nl
Subject: [HPADM] Reserving tcp/ip ports

 

Hi,

 

I have a user, with 2 machines, and an application on each machine that
wants to communicate with the application on the other machine, via tcp/ip.
However none of the processes involved use the /etc/services file. So,
machine X has App1 running on it, machine Y has App2 running on it, App1
wants to talk to App2 over tcp/ip.

 

Basically what I need to do is prevent other processes from using the ports
these applications want to use, is there any way of doing that? Short of
writing a C program that listens at a port, and a wrapper shell script to
terminate/run that process when it needs to use/reserve those ports...

 

Thanks in advance,

Kevin.
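
The checks from the summary above (netstat for ports already in use, /etc/services as documentation only, and the two ndd boundaries) combined into one script, as an added example that is not part of the original thread. The netstat and services samples are constructed, the function names are hypothetical, and the 1024/49152 defaults are assumed values standing in for what ndd reports on the target host.

```shell
#!/bin/sh
# Added example: vet a candidate TCP port before assigning it to an application.

sample_netstat() {   # constructed `netstat -an` lines, HP-UX style (address.port)
cat <<'EOF'
tcp        0      0  *.22                   *.*                     LISTEN
tcp        0      0  *.5901                 *.*                     LISTEN
tcp        0      0  10.0.0.5.49231         10.0.0.9.22             ESTABLISHED
EOF
}

sample_services() {  # constructed /etc/services entries
cat <<'EOF'
ssh       22/tcp     # Secure Shell
vnc-1     5901/tcp   # constructed entry
app1link  20500/tcp  # constructed entry flagging the App1/App2 port
EOF
}

# Read netstat text on stdin; print every local TCP port that appears in it.
tcp_ports_in_use() {
    awk '$1 ~ /^tcp/ { n = split($4, a, "[.:]"); print a[n] }' | sort -un
}

# Read services text on stdin; print the name listed for PORT/tcp, if any.
service_name() {
    awk -v p="$1/tcp" '$1 !~ /^#/ && $2 == p { print $1; exit }'
}

# Classify PORT against the two boundaries named in the thread.
port_class() {   # args: PORT tcp_smallest_nonpriv_port tcp_smallest_anon_port
    if   [ "$1" -lt "$2" ]; then echo privileged
    elif [ "$1" -lt "$3" ]; then echo fixed
    else echo anonymous
    fi
}

# One-line verdict; 1024 and 49152 are assumed boundary values, pass the
# host's own (as reported by ndd) as the second and third arguments.
vet_port() {
    port=$1 nonpriv=${2:-1024} anon=${3:-49152} in_use=no
    if sample_netstat | tcp_ports_in_use | grep -qx "$port"; then in_use=yes; fi
    name=$(sample_services | service_name "$port")
    echo "port=$port in_use=$in_use services=${name:-none}" \
         "class=$(port_class "$port" "$nonpriv" "$anon")"
}

for p in 22 5901 20500 49231; do vet_port "$p"; done
```

To use it on a live host, replace the two sample functions with `netstat -an` and `cat /etc/services`. A services entry with `in_use=no` shows the point made in the thread: the listing documents the port but nothing is holding it.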
