[Click] IPFlowRawSockets and network applications timing out [FIX INCLUDED]
Eddie Kohler
kohler at cs.ucla.edu
Wed Jan 4 15:58:05 EST 2006
Hi Michael,
Thanks for reporting this issue! That sounds like the right fix;
I've updated the documentation.
Eddie
On Jan 2, 2006, at 1:58 AM, Michael Gellman wrote:
> Dear Click users:
>
> In my click configuration, I am using the IPFlowRawSockets element.
> However, when I used the iptables line given in the documentation to
> drop packets to the chosen destination ports:
>
> iptables -A INPUT -p tcp --dport 50000:65535 -j DROP
> iptables -A INPUT -p udp --dport 50000:65535 -j DROP
>
> I noticed that occasionally network applications on
> the machine would hang for a really long time before timing out. I
> think
> this was due to choosing a local port withing the 50000:65535 range
> which then caused all reply packets to be dropped.
>
> I think the correct fix for this behaviour is to issue the following
> command:
>
> echo "32768 49999" > /proc/sys/net/ipv4/ip_local_port_range
>
> which will set the maximum local port for new applications to be less
> than 50000.
>
> If this is the correct fix, maybe it can be added to the element's
> documentation?
>
> Thanks,
>
> Michael Gellman
>
> --
> Intelligent Systems & Networks Group
> Dept of Electrical & Electronic Engineering
> Imperial College London
> London SW7 2BT
>
> _______________________________________________
> click mailing list
> click at amsterdam.lcs.mit.edu
> https://amsterdam.lcs.mit.edu/mailman/listinfo/click
More information about the click
mailing list