Linux Increase Local Port Range with net.ipv4.ip_local_port_range Kernel Parameter

by on November 2, 2007 · 11 comments· LAST UPDATED February 24, 2015

in , ,

Linux Local Port Range

If your Linux server is opening lots of outgoing network connections, you need to increase local port range. By default range is small. For example a squid proxy server can come under fire if it runs out of ports.

You can use the sysctl command to to modify kernel parameters at runtime. The parameters available are those listed under /proc/sys/. Please note that this hack is only useful for high bandwidth, busy Linux servers or large scale grid servers.

How to find current port range type

Type the following command
$ sysctl net.ipv4.ip_local_port_range
Sample outputs:

net.ipv4.ip_local_port_range = 32768    61000

Set new local port range

You can set the range with any one of the following command. You must be root user:
# echo 1024 65535 > /proc/sys/net/ipv4/ip_local_port_range
$ sudo sysctl -w net.ipv4.ip_local_port_range="1024 64000"

Finally, edit /etc/sysctl.conf file, to make changes to /proc filesystem permanently i.e. append the following line to your /etc/sysctl.conf file:
# increase system IP port limits
net.ipv4.ip_local_port_range = 1024 65535

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 11 comments… read them below or add one }

1 evilaim February 24, 2009 at 8:07 pm

Great walk through. This should help a lot of people.


2 tom3k August 5, 2009 at 10:12 am

worth mentioning…

when adding ip_local_port_range to your sysctl.conf file, i had to use a tab between the 2 values or else the 2nd value was not being read correctly.

centos5.2 w/ 2.6.18 vanilla.



3 JSmith December 9, 2009 at 9:36 pm


But it is possible to set port range per application basis?



4 pshankland January 16, 2013 at 10:01 pm

When I run ‘echo 1024 65535 > /proc/sys/net/ipv4/ip_local_port_range’ I keep getting:

-bash: /proc/sys/net/ipv4/ip_local_port_range: Permission denied

Any ideas?


5 nixCraft January 18, 2013 at 10:52 am

Run as root user.


6 kellogs April 11, 2013 at 11:40 pm

awful advice


7 CanadaDry August 1, 2013 at 6:39 pm

idiot, pull up your big boy pants and use root when necessary.

root gestapo stoppers unite


8 Drew November 22, 2013 at 1:18 pm

Uh how else would you write to this file?


9 Naidu June 7, 2013 at 8:21 am

What is the equivalent for QNX?


10 Samuel Antwi June 21, 2014 at 3:53 pm

pshanklandlogin as root and run it


11 sysadmin December 31, 2014 at 2:46 pm


I have succeeded to get rid of “haproxy Connect() failed for backend adsapp: no free ports” error mesages using info in this article.


Leave a Comment

Tagged as: , , , , ,

Previous post:

Next post: