[Gluster-devel] changing client insecure port ceil

Prasanna Kalever pkalever at redhat.com
Fri May 13 09:24:26 UTC 2016


Hello all,

please review [1]

the above patch changes client insecure port ceiling from 65535 to 49151:

current port allocation to various processes (clumsy):
  1023 - 1        -> client ports range if bind secure is turned on
49151 - 1024   -> fall back to this, if in above case ports exhaust
65535 - 1024   -> client port range if bind insecure is on
49152 - 65535 -> brick port range


now, we have segregated port ranges 0 - 65535 to below 3 ranges
 1023 - 1         -> client ports range if bind secure is turned on
49151 - 1024   -> client port range if bind insecure is on (fall back
to this, if in above case ports exhaust)
49152 - 65535 -> brick port range

What this address?
with this above approach, we can achieve a clean segregation of port mapping.
Since bind insecure is on now, the client ports start from 65535 to
down and bricks start from 49152 to up,
there could be a possibility of port clash between brick and client ports.


All the above story is for now,
In the next releases we (Raghavendra Talur and myself) would like to
remove glusterd doing port allocation,
also honor "ip_local_port_range" and "ip_local_reserved_ports" by
leave the allocation to be done by kernel.
I shall write it as a separate email when we start doing that, but for
now [1] is important.

http://review.gluster.org/#/c/14326


Thanks,
--
Prasanna


More information about the Gluster-devel mailing list