≡ Menu

Linux Increase Local Port Range with net.ipv4.ip_local_port_range Kernel Parameter

Linux Local Port Range
If your Linux server is opening lots of outgoing network connections, you need to increase local port range. By default range is small. For example a squid proxy server can come under fire if it runs out of ports.

You can use the sysctl command to to modify kernel parameters at runtime. The parameters available are those listed under /proc/sys/. Please note that this hack is only useful for high bandwidth, busy Linux servers or large scale grid servers.

How to find current port range type

Type the following command
$ sysctl net.ipv4.ip_local_port_range
Sample outputs:

net.ipv4.ip_local_port_range = 32768    61000

Set new local port range

You can set the range with any one of the following command. You must be root user:
# echo 1024 65535 > /proc/sys/net/ipv4/ip_local_port_range
$ sudo sysctl -w net.ipv4.ip_local_port_range="1024 64000"

Finally, edit /etc/sysctl.conf file, to make changes to /proc filesystem permanently i.e. append the following line to your /etc/sysctl.conf file:
# increase system IP port limits
net.ipv4.ip_local_port_range = 1024 65535

Share this on:
{ 13 comments… add one }
  • evilaimFebruary 24, 2009, 8:07 pm

    Great walk through. This should help a lot of people.

  • tom3kAugust 5, 2009, 10:12 am

    worth mentioning…

    when adding ip_local_port_range to your sysctl.conf file, i had to use a tab between the 2 values or else the 2nd value was not being read correctly.

    centos5.2 w/ 2.6.18 vanilla.


  • JSmithDecember 9, 2009, 9:36 pm


    But it is possible to set port range per application basis?


  • pshanklandJanuary 16, 2013, 10:01 pm

    When I run ‘echo 1024 65535 > /proc/sys/net/ipv4/ip_local_port_range’ I keep getting:

    -bash: /proc/sys/net/ipv4/ip_local_port_range: Permission denied

    Any ideas?

    • nixCraftJanuary 18, 2013, 10:52 am

      Run as root user.

      • kellogsApril 11, 2013, 11:40 pm

        awful advice

        • CanadaDryAugust 1, 2013, 6:39 pm

          idiot, pull up your big boy pants and use root when necessary.

          root gestapo stoppers unite

        • DrewNovember 22, 2013, 1:18 pm

          Uh how else would you write to this file?

        • Toki WinterMarch 9, 2016, 3:11 am

          What a moron. It’s the correct advice. You could do it with sudo, but for something like this, meh!

  • NaiduJune 7, 2013, 8:21 am

    What is the equivalent for QNX?

  • Samuel AntwiJune 21, 2014, 3:53 pm

    pshanklandlogin as root and run it

  • sysadminDecember 31, 2014, 2:46 pm


    I have succeeded to get rid of “haproxy Connect() failed for backend adsapp: no free ports” error mesages using info in this article.

  • IragamJuly 22, 2016, 8:59 pm

    I have changed the value to 31000 65535 but after few days it again came back to 102465535. May I know what is the reason for this ?

    I used the following to change
    echo 31000 65535 > /proc/sys/net/ipv4/ip_local_port_range

    Thanks in advance

Security: Are you a robot or human?

Leave a Comment

   Tagged with: , , , , ,