If your Linux server is opening lots of outgoing network connection, you need to increase local port range. By default range is small. For example squid proxy server can come under fire if it runs out of ports.
You can use sysctl command to to modify kernel parameters at runtime. The parameters available are those listed under /proc/sys/. Please note that this hack is only useful for high bandwidth, busy Linux servers or large scale grid servers.
To find current range type
$ sysctl net.ipv4.ip_local_port_range
Output:
net.ipv4.ip_local_port_range = 32768 61000
Set new local port range
You can set the range with the following command:
# echo 1024 65535 > /proc/sys/net/ipv4/ip_local_port_range
OR
$ sudo sysctl -w net.ipv4.ip_local_port_range="1024 64000"
You may need to edit /etc/sysctl.conf file, to make changes to /proc filesystem permanently i.e. append the following to your /etc/sysctl.conf file:
# increase system IP port limits
net.ipv4.ip_local_port_range = 1024 65535
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- My 10 UNIX Command Line Mistakes
- The Novice Guide To Buying A Linux Laptop
- 10 Greatest Open Source Software Of 2009
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Linux Video Editor Software
- Email this to a friend
- Download PDF version
- Printable version
- Comment RSS feed
- Last Updated: Nov/2/07
Sign up for our daily email newsletter:
{ 3 comments… read them below or add one }
Great walk through. This should help a lot of people.
worth mentioning…
when adding ip_local_port_range to your sysctl.conf file, i had to use a tab between the 2 values or else the 2nd value was not being read correctly.
centos5.2 w/ 2.6.18 vanilla.
ciao.
Hi,
But it is possible to set port range per application basis?
regards.