How do I reserve ports for my application?

63,417

Solution 1

Technically, there's no such thing as a "reserved port".

In TCP/UDP, the only way to "reserve" a port is to actually bind() a socket to it. A bound port will not be used by other applications; an unused port is, well, unused so other applications are free to use it.

If you are writing server software, then you can bind your sockets to specific ports as early as you want in the application code. Make the port numbers configurable, or at least clearly state them in the documentation, so that a systems administrator can quickly identify clashes and move conflicting applications to separate servers.

Solution 2

To ensure the kernel won't give out 49000 and 49001 to clients, as you wish to use them for your servers on Linux:

sysctl -w net.ipv4.ip_local_reserved_ports=49000,49001

Drop it in /etc/sysctl.conf, and then run sysctl -p.

Note that this is untested.

Solution 3

Actually, the above answer is not entirely accurate. The sysctls net.inet.ip.portrange.first and net.inet.ip.portrange.last specify the range of ports the OS can allocate for random ports. You would want to make sure that the range of reserved ports for your application does not fall within these variables.

Take a look in the FreeBSD Handbook, section: 12.14. Tuning Kernel Limits. But the same basic premise should apply to Linux as well.
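
Added example (not from any of the answers above): a preflight check that combines Solutions 2 and 3 on Linux by reporting which application ports lie inside the ephemeral range without being listed in net.ipv4.ip_local_reserved_ports. The function names are hypothetical, the /proc/sys paths are the standard Linux locations of the two sysctls, and the values in the demo at the bottom are constructed.

```python
#!/usr/bin/env python3
"""Report which application ports the Linux kernel may still hand out as
ephemeral (automatically assigned) local ports."""
from pathlib import Path

PROC = Path("/proc/sys/net/ipv4")  # standard Linux location of the sysctls


def parse_port_list(text):
    """Parse the ip_local_reserved_ports format, e.g. '49000-49001,50000'."""
    ports = set()
    # Drop all whitespace (including the trailing newline) before splitting.
    for item in "".join(text.split()).split(","):
        if not item:
            continue  # an empty file means nothing is reserved
        lo, _, hi = item.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not (0 < lo <= hi <= 65535):
            raise ValueError(f"bad port item: {item!r}")
        ports.update(range(lo, hi + 1))
    return ports


def parse_local_range(text):
    """Parse ip_local_port_range: two whitespace-separated, inclusive bounds."""
    first, last = (int(x) for x in text.split())
    return first, last


def at_risk(app_ports, local_range, reserved):
    """Ports inside the ephemeral range that are not reserved."""
    first, last = local_range
    return sorted(p for p in app_ports if first <= p <= last and p not in reserved)


def check_host(app_ports):
    """Run the check against this host's live sysctl values (Linux only)."""
    local_range = parse_local_range((PROC / "ip_local_port_range").read_text())
    reserved = parse_port_list((PROC / "ip_local_reserved_ports").read_text())
    return at_risk(app_ports, local_range, reserved)


if __name__ == "__main__":
    # Constructed sample values, not read from any real host.
    sample_range = parse_local_range("32768\t60999\n")
    sample_reserved = parse_port_list("49000-49001\n")
    app = [8080, 49000, 49001, 49002]
    print("at risk:", at_risk(app, sample_range, sample_reserved))
```

A port reported here can be taken by any bind() to port 0 or any connect() on an unbound socket; either add it to the reserved list or move it outside the ephemeral range.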


Author: Michael Baker

Updated on September 18, 2022

Comments

  • Michael Baker over 1 year

    How do I reserve a list of ports for my custom applications?

    To be specific, the product I'm creating has a lot of processes and a lot of intercommunication between them.

    The problem I'm having is that - every once in a while - the OS steals my ports. It's rare, but it happens.

    This could be because a different application has used "::bind" with no port specified.

    Or sometimes my own applications steal the port when I call "::connect" with an unbound socket. As seen from the man page:

    If the socket has not already been bound to a local address, connect() shall bind it to an address which, unless the socket's address family is AF_UNIX, is an unused local address.

    So my question is, can I reserve the ports that I need so the OS doesn't use them? Can this be accomplished with /etc/services? Or is there a different way?

    • alex almost 13 years
      Can you use AF_UNIX sockets instead?
    • EightBitTony almost 13 years
      More worried why your own application is 'stealing ports'?
    • Michael Baker almost 13 years
      I was debating if I need to go through my software and bind the client side of each connection to a specific port. It's quite the job for me to update this as there are a lot of connection paths in my applications. Reserving ports in the OS would have been a good stopgap solution until I found time to do this.
    • LiuYan 刘研 almost 13 years
      I'm not sure if SELinux in Enforcing mode can meet your requirement; I'm still learning it. So just a guess, maybe you can define your own policy for SELinux to reserve your ports, such as my_server_port_t tcp 1111, 2222, 3333, 4444-4600. If your application will run everywhere (not a server application), I'm afraid you can't control whether SELinux is ON or OFF.
    • Mark Lakata over 8 years
      By "stealing" I assume you mean that the 3rd party app is binding to your chosen port number before your application gets a chance, because the 3rd party app has requested to bind to 0 and the OS has randomly assigned your chosen port number to the 3rd party app. If so, see unix.stackexchange.com/a/38724/27865
  • EightBitTony almost 13 years
    Also, avoid using well known/reserved ports if at all possible.
  • MattK about 12 years
    Also, this link may be of assistance: stackoverflow.com/questions/913501/…
  • Rag over 9 years
    I think in Linux it's called net.ipv4.ip_local_port_range
  • Admin over 8 years
    I tried this, but it also prevented my own application from using the ports! What about defining the port numbers with names in /etc/services?
  • Mark Lakata over 8 years
    @user134197 This should not prevent your own application from using those ports if you explicitly use a non-zero port number in your bind request. It works for me.
  • Jason Newton over 8 years
    There are reserved ports sometimes. This is good general advice but not the correct answer on Linux.