Browse Prior Art Database

Improved handling of over-load conditions in a networked system through efficient port-space usage

IP.com Disclosure Number: IPCOM000012910D
Original Publication Date: 2003-Jun-09
Included in the Prior Art Database: 2003-Jun-09
Document File: 2 page(s) / 70K

Publishing Venue

IBM

Abstract

In the TCP/IP protocol, communication takes place by establishing sockets between the communicating machines. Sockets are associated with the source and destination IP addresses and port numbers which uniquely identify them. Typically, servers will bind to a particular port they are assigned i.e. server ports are typically well known. Clients and other services use temporary, operating system-assigned ports called ephemeral ports. Ephemeral ports are temporary ports assigned by a machine's IP stack, and are assigned from a designated range of ports for this purpose. When the connection terminates, the ephemeral port is available for reuse, although most IP stacks won't reuse that port number until the entire pool of ephemeral ports have been used. So, if the client program reconnects, it will be assigned a different ephemeral port number for its side of the new connection. An important ramification of having an ephemeral port range is that it limits the maximum number of connections from one machine to a specific service on a remote machine. Although the user typically has options to extend this range, the range is restricted by the fact that a port number can be 16-bits wide and thus a maximum of 65535. Most operating systems like Windows have a port range of 4000. A port range of 4000 may seem large, but it is actually small for 21st century computing demands while considering that a TCP connection must expire through the TIME_WAIT state before it is really completed. For example, even if both sides of a connection properly close their ends of the connection, due to TCP's error control, each side must wait until the TIME_WAIT state is expired before the connection's resources can really be disposed. The TIME_WAIT state is twice the MSL (maximum segment lifetime), which, depending on the IP stack, is usually configured to be 240 seconds. That means that a system could have only 4000 connections in a 240-second window, and in practice this can be exhausted.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 55% of the total text.

Page 1 of 2

  Improved handling of over-load conditions in a networked system through efficient port-space usage

One of the mechanism to alleviate this situation is by embedding some self-healing properties whereby the system eliminates/delays the onset of such ephemeral port space exhaustion. The idea proposed here takes advantage of the fact that system can reuse ephemeral port numbers without the application being aware of this reuse as long as the 4-tuple {Local IP Addr, Local Port, Foreign IP Addr, Foreign Port} combination is unique.

Ephemeral ports are generally used in cases when client applications running on a system issue a connect() system call to connect to a specific server IP and port number. Normally, client application do not bind a specific port before issuing a connect, hence their local port is generally 0 when connect() is called. When the local port is 0, the connect system call internally calls bind() before doing the connect to get an "temporary" or "ephemeral" port for this connection.

Here is a pseudo code that explains the sequence of events in BSD and BSD derived stacks when an application issues a connect() system call:

connect() - from user

PRU_CONNECT handled by the transport provider (TCP or UDP)

if (application has not done a bind) {

Call error = in_pcbbind(); /* Step (A) This checks all ports in the

ephemeral port range for an available port */

if (error) return (error); /*This error could be EADDRINUSE, EAGAIN,

EADDRNOTAVAIL depending on the platform */

}

in_pcbconnect(inp, destination);

....

Currently, the code checks the port space range to see if a port number in the ephemeral range is available, and if not Step (A) above returns an error to the application signaling that all the ports are in use. Thus the application cannot setup any more new connections unless previously established connection using these ports go away or are torn down.

This invention proposes a new method to solve this problem that extends the range of the port space that is available on a system. Here code makes use of the fact that system could allow a port to be reused as long as the four tuple {Local IP Addr, Local Port, Foreign IP Addr, Foreign Port} is unique.

With this new technique, on getting a "all ports in use" error code will now check if the four tuple of local IP address, local port,...