Distribution: Ubuntu & Mint LTS, Manjaro Rolling; Android
Posts: 242
ip_local_port_range Question
During boot, Linus insists on letting me know his preferences for port range parity; I respect Linus, but if he's planning to visit, would rather know which brand of beer he prefers. Specifically, he says:
QUOTE ============================================================
ip_local_port_range: prefer different parity for start/end values.
END QUOTE ========================================================
Using 'cat /proc/sys/net/ipv4/ip_local_port_range', I have the start and end values of 9000 and 65000, which seems a rather oddly large range to me, as this is a desktop (Ubuntu 16.04 with Unity desktop), but networking isn't really my thing.
Based on a wealth of inconsistent information I found on the web, I edited /etc/sysctl.conf to change those values to 9000 and 64999 (All that reading gave me the impression that perhaps the word "parity" might be used incorrectly but, again, networking isn't my thing - all the examples suggested that the actual number of ports simply needed to be odd rather than even, but none of the postings explicitly stated that).
I rather dislike errors showing up on the screen during boot, and was hoping this would remove the last of these, but after making this change, I had a slew of errors scrolling down the screen so fast that I couldn't read them, and wasn't able to locate them in any error log after the boot completed. So I went back from 64999 to 65000. Should I have edited these in a different location?
And, by the way, why do those default numbers seem to suggest a far greater number of ports than I would ever need?
Can anyone offer any enlightenment - or point me towards a clear explanation of this subject that's relevant for a current Linux distribution (I'm using Ubuntu 16.04.1 with kernel 4.4.0-36, and haven't experienced this issue with earlier Ubuntus or Fedoras).
There are "well known" ports that are commonly used. There are ports that various people have asked to be set up for their use by default. There are random ports that get used every time a socket connection is made. A socket consists of a source IP and source port connected to a destination IP and destination port. In general at least one side of this will have a random port. If the source IP and destination IP are both on your local server it generally means the socket is being used for interprocess communication. (You'll see many sockets using either 127.0.0.1 which is "localhost" or using the primary IP of your server.)
I know for a fact that Oracle requires you to change the default allowed range.
Having the ports "available" in your running system merely means that processes on your system can use them. It does NOT mean that other servers can connect. For other servers to connect something on your side has to be LISTENing on that port or spawn the connection itself in tandem with some process that was already started.
Further, not all LISTENing ports need to be accessible from outside your system, which is why you use iptables or firewalld or some other firewall to only allow access to those ports that should be.
Distribution: Ubuntu & Mint LTS, Manjaro Rolling; Android
Posts: 242
Original Poster
Ahhh... anyone who quotes Nero Wolfe is ok in my book, although my brain skills are closer to Archie Goodwin's - I eventually "get it" but it takes a few whacks on the side of my head. Nevertheless:
You mentioned Oracle, and I had completely forgotten that I have been installing its RDBMS (the xe version of course) on my Ubuntu system for ages, so that likely explains why I have the odd numbers that I do. (FWIW Oracle XE is only available as an rpm package, but if anyone wants to know how to get that running on Ubuntu, just reply and I'll be glad to let you know - it's actually not very painful to do).
Having said that, I would still be very much interested in knowing how to get rid of the message that my machine's innards "prefer different parity for start/end values." Since I think I did what all the suggestions called for, I'd love to learn what I missed.
My heroes have always been smart-asses. It is why I liked Spiderman comics as a teen, why I liked Han Solo in Star Wars and why I love Archie and Nero. I began reading the Nero Wolfe mysteries years ago and have reread most of them multiple times. People ask why I would re-read a mystery because they assume I read it for the "mystery" rather than the characters.
They say essentially the "parity" they're looking for is to have an "even" number of ports defined. The idea is that they're using only "odd" ports for random assignments to try not to deplete the pool and to do that they need to have the same number of odd and even numbered ports.
You said you already tried to adjust by 1 which should have solved it based on what I read.
The range we use per Oracle is: net.ipv4.ip_local_port_range = 9000 65500
Oracle's OUI is brain dead in that it refuses to continue unless it finds certain values for certain parameters. This would be fine if those values were based on calculations due to the installation but it is clear from everything that I've ever seen that they are simply based on whatever system they did the install/testing on at Oracle. It will even complain that "unlimited" is too low because it can't detect that as a number. What is even more maddening is that often enough the values the OUI expects are different than those the Oracle installation documents tell you to set.
I've never really paid attention to this message on our RHEL installations. It isn't an error but rather a warning. They do provide the details of the patch that generates this warning on other links so if it really bothers you I guess you could modify to comment out the patch and recompile.
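The parity rule discussed in the replies above, as an added example that is not part of the original thread: a shell check that finds the effective `net.ipv4.ip_local_port_range` line in sysctl.conf-style text and reports whether the start and end values share parity. The sample file contents and the function names are constructed for illustration, and the check assumes the boot message appears when both values are even or both are odd.

```shell
#!/bin/sh
# Added example: audit ip_local_port_range for the "different parity" message.

# Constructed sample of sysctl.conf-style text (not taken from the thread's machine).
SAMPLE_CONF='# local tuning
net.ipv4.ip_local_port_range = 9000 65000
#net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.ip_local_port_range=9000 64999
'

# effective_range: read config text on stdin and print "START END" from the
# last uncommented ip_local_port_range line (a later line overrides an earlier one).
effective_range() {
    sed -n 's/^[[:space:]]*net\.ipv4\.ip_local_port_range[[:space:]]*=[[:space:]]*\([0-9][0-9]*\)[[:space:]][[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1 \2/p' | tail -n 1
}

# same_parity START END: succeeds when both values are even or both are odd.
same_parity() { [ $(( ($1 ^ $2) & 1 )) -eq 0 ]; }

# port_count START END: number of ports in the inclusive range.
port_count() { echo $(( $2 - $1 + 1 )); }

# check_range START END: print a one-line verdict; always returns 0.
check_range() {
    for v in "$1" "$2"; do
        case $v in ''|*[!0-9]*) echo "invalid"; return 0 ;; esac
    done
    if [ "$1" -gt "$2" ] || [ "$2" -gt 65535 ]; then echo "invalid"; return 0; fi
    if same_parity "$1" "$2"; then
        if [ "$2" -gt "$1" ]; then
            # Lowering the end by one flips its parity and keeps the range valid.
            echo "same-parity $1 $2 -> try $1 $(( $2 - 1 ))"
        else
            echo "same-parity $1 $2"
        fi
    else
        echo "ok $1 $2 ($(port_count "$1" "$2") ports)"
    fi
}

# Report on the constructed sample, then on the running kernel if readable.
set -- $(printf '%s' "$SAMPLE_CONF" | effective_range)
echo "sample conf:    $(check_range "$1" "$2")"
if [ -r /proc/sys/net/ipv4/ip_local_port_range ]; then
    read -r lo hi < /proc/sys/net/ipv4/ip_local_port_range
    echo "running kernel: $(check_range "$lo" "$hi")"
fi
```

To audit a real machine, pipe each of `/etc/sysctl.conf` and the files under `/etc/sysctl.d/` through `effective_range`, since a later file can override the value set in an earlier one.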