12

I am having a hard time finding where it is documented that the source port should be random and in the range 1024-65535.

In which RFC is this documented?

Edit:
The first reference to privileged ports is in RFC2623.
It seems that this depends more on the TCP/IP implementation and is a de facto standard.

IANA assigns the port numbers (RFC1700).

dcharles
Mircea Vutcovici
    FYR - RFC 1700 (STD 2) only deals with the assignment of **listener** ports (where services listen for connections). It doesn't deal with the selection of the connecting server's source port. – voretaq7 Sep 20 '11 at 14:41
  • Yes, but the corollary that you "SHOULD" use the registered ports is that you should not use them for other stuff. That is why I mentioned it. – Mircea Vutcovici Sep 20 '11 at 14:54
    http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml talks about the Dynamic and/or Private Ports (49152-65535). So it seems that the client should use a port from that range. – Mircea Vutcovici Sep 20 '11 at 14:55

3 Answers

13

You are probably looking for RFC 6056 - Recommendations for Transport-Protocol Port Randomization ("Best Current Practice").

Technically there is no requirement that the ephemeral port be >1024 or random (you could build a system that always initiates connections from port 12 because you like the number 12); it's just not "normal" to do so (and an awful idea for a bunch of reasons, some of which are described in that RFC).

voretaq7
4

RFC 6335 explains this:

Ports in the Dynamic Ports range (49152-65535) have been specifically set aside for local and dynamic use and cannot be assigned through IANA. Application software may simply use any dynamic port that is available on the local host, without any sort of assignment. On the other hand, application software MUST NOT assume that a specific port number in the Dynamic Ports range will always be available for communication at all times, and a port number in that range hence MUST NOT be used as a service identifier.

The reserved ports:

Ports in the User Ports range (1024-49151) are available for assignment through IANA, and MAY be used as service identifiers upon successful assignment.

Ports in the System Ports range (0-1023) are also available for assignment through IANA. Because the System Ports range is both the smallest and the most densely assigned, the requirements for new assignments are more strict than those for the User Ports range, and will only be granted under the "IETF Review" or "IESG Approval" procedures RFC5226.

The introduction explains the confusion:

For many years, the assignment of new service names and port number values for use with the Transmission Control Protocol (TCP) [RFC0793] and the User Datagram Protocol (UDP) [RFC0768] has had less than clear guidelines.

It seems that Windows XP is not following RFC6335, but Solaris 10 does.

Mircea Vutcovici
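A small script added here (not from the original thread or any of the answerers) that ties the two answers together: it classifies port numbers into the RFC 6335 ranges quoted above and samples the ports the local stack hands out, with a crude sequential-assignment check as a rough indicator of the predictability RFC 6056 recommends against. The function names and the loopback binding are my own choices.

```python
import socket
from typing import Iterable

# RFC 6335 section 6 port ranges, as quoted in the answer above.
SYSTEM_PORTS = range(0, 1024)
USER_PORTS = range(1024, 49152)
DYNAMIC_PORTS = range(49152, 65536)

def classify_port(port: int) -> str:
    """Name the RFC 6335 range that a port number falls into."""
    if port in SYSTEM_PORTS:
        return "System"
    if port in USER_PORTS:
        return "User"
    if port in DYNAMIC_PORTS:
        return "Dynamic"
    raise ValueError(f"not a valid port number: {port}")

def sample_ephemeral_ports(count: int = 20) -> list[int]:
    """Ask the local stack for `count` ephemeral ports by binding to port 0 on loopback."""
    socks, ports = [], []
    try:
        for _ in range(count):
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            s.bind(("127.0.0.1", 0))  # port 0 lets the OS pick the source port
            socks.append(s)           # keep it open so the same port is not handed out again
            ports.append(s.getsockname()[1])
    finally:
        for s in socks:
            s.close()
    return ports

def looks_sequential(ports: Iterable[int]) -> bool:
    """True when each port is exactly the previous one plus 1: the predictable
    pattern RFC 6056 recommends against. A crude indicator only, not a proof."""
    ps = list(ports)
    return len(ps) > 1 and all(b - a == 1 for a, b in zip(ps, ps[1:]))

def summarize(ports: Iterable[int]) -> dict:
    """Count ports per RFC 6335 range and flag sequential assignment."""
    ps = list(ports)
    counts = {name: 0 for name in ("System", "User", "Dynamic")}
    for p in ps:
        counts[classify_port(p)] += 1
    return {"ranges": counts, "sequential": looks_sequential(ps)}

if __name__ == "__main__":
    print(summarize(sample_ephemeral_ports()))
```

On a default Linux host the kernel's ip_local_port_range is 32768-60999, so ports counted as "User" there are expected. What matters for RFC 6056 is that the sequence is not predictable, not which range the OS happens to use.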
1

What voretaq7 said, along with this: being pedantic, there is a technical requirement. Historically daemons/servers in *nix are running on ports < 1024 (called system ports); thus, in order to avoid conflict, source ports (User ports) are > 1024 (or, to be precise, 1024 - 49151). However, that is not always the case, as you say, and it depends on the implementation. All in all the above link gives a list of RFCs, but probably the most specific one is RFC5226, which describes the "Expert Review" process of IANA.

user
  • Some NFS server implementations require the NFS client to use a port <1024. So technically it was always possible to use all ports as source ports. What I am asking for is a document that asks for ports over 1024 to be used. It seems that actually the client should use ports over 49152. – Mircea Vutcovici Sep 20 '11 at 15:05
  • That doesn't disprove my answer. See here http://unix.stackexchange.com/questions/16564/why-are-the-first-1024-ports-restricted-to-the-root-user-only Why is it that the IANA assignment and RFC 6056 don't cover you? After all, you can always give recommendations; nobody stops you from implementing a web browser that will use port 80 as a source port. – user Sep 20 '11 at 15:10
  • Being equally pedantic, there is no *requirement* that the privileged or "well-known" ports not be used as a source port (see Mircea's counterexample with privileged NFS ports) -- It's not commonly done for the reasons you mentioned, but it's also not forbidden. AFAIK according to the TCP and UDP RFCs any unused port is fair game as a source port. The rules we make up on top of that are for our convenience :-) – voretaq7 Sep 20 '11 at 15:29