[Click] IPFlowRawSockets and network applications timing out [FIX INCLUDED]
Michael Gellman
m.gellman at imperial.ac.uk
Thu Dec 29 06:01:11 EST 2005
Dear Click users:
In my click configuration, I am using the IPFlowRawSockets element.
However, when I used the iptables line given in the documentation to
drop packets to the chosen destination ports:
iptables -A INPUT -p tcp --dport 50000:65535 -j DROP
iptables -A INPUT -p udp --dport 50000:65535 -j DROP
I noticed that occasionally network applications on
the machine would hang for a really long time before timing out. I think
this was due to choosing a local port withing the 50000:65535 range
which then caused all reply packets to be dropped.
I think the correct fix for this behaviour is to issue the following
command:
echo "32768 49999" > /proc/sys/net/ipv4/ip_local_port_range
which will set the maximum local port for new applications to be less
than 50000.
If this is the correct fix, maybe it can be added to the element's
documentation?
Thanks,
Michael Gellman
--
Intelligent Systems & Networks Group
Dept of Electrical & Electronic Engineering
Imperial College London
London SW7 2BT
More information about the click
mailing list