I would like to ask the community to help me find answers to the following questions:

  1. According to RFC 6056, an operating system should pseudo-randomly select ephemeral ports for each transport layer connection. For TCP, which is a stateful protocol, the situation is clear: the ephemeral port is assigned to the 5-tuple {protocol, source_ip, source_port, destination_ip, destination_port} until the connection is dropped. However, UDP is a stateless protocol; there is no UDP connection. Therefore, it is not clear to me how an ephemeral port is assigned in the case of UDP. Is it different for every request? Is it randomly assigned to the 5-tuple and preserved until no packets are received during a TIMEOUT?
  2. Are there differences in the implementations of various operating systems, e.g., Windows, Unix, Linux?
Yury
  • Definitely off-topic here, but RFC 6056 definitely *does not* specify what anything **should** do. See https://tools.ietf.org/html/rfc2119 – quadruplebucky Aug 13 '17 at 19:37
  • Maybe my English is not good enough, but this is what I read in RFC 6056 (Section 3.3): "Ephemeral port selection algorithms SHOULD obfuscate the selection of their ephemeral ports..." – Yury Aug 14 '17 at 12:48

1 Answer

According to https://www.cymru.com/jtk/misc/ephemeralports.html the selection strategy varies between random and sequential depending on the OS. Based on my observations, the source port for UDP is different for each request.

  • Isn't this a huge waste of resources? Basically, from your answer I understand that for UDP there is no such concept as a session, i.e. every single UDP request asks the OS to provide a source port that it can use. Therefore, if you send tons of UDP requests, this will create a huge load on the OS. Moreover, there is a limited number of ports available. – Yury Aug 15 '17 at 06:37
  • In addition, I saw this article; it is open in my browser. But it does not say how the source ports are generated: for every single request or for a "session". From my experience, I see the opposite: the majority of applications maintain a "session", within which the source port stays the same. So I would like to know how this works for UDP-based protocols. – Yury Aug 15 '17 at 06:40
  • I think the ephemeral port is assigned to the socket, so an application will use the same port as long as it keeps the socket open. – András Korn Aug 15 '17 at 19:20
  • This is the actual question. If you do not explicitly specify what source port to use, will the OS keep using the same source port until the socket is closed, or will it generate a new one for every new request? Although the latter case does not seem very reasonable to me, I think I found one proof of it: https://lwn.net/Articles/289206/ – Yury Aug 16 '17 at 13:07
  • The link is dead (requires HTTP Basic Auth) and, in addition, excluded from the Wayback Machine ☹ – mirabilos Jun 28 '22 at 14:18
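
The socket-versus-request distinction raised in the comments can be checked directly. The following is an added example, not code from any participant in this thread: it sends several datagrams from each of a few unbound UDP sockets to a constructed loopback receiver and records the source port the receiver sees. The function name `observe_udp_source_ports` and the loopback receiver are assumptions made for the illustration.

```python
import socket

def observe_udp_source_ports(datagrams_per_socket=3, sockets=3):
    """Return, per sender socket, the source ports a local receiver saw."""
    # Constructed local receiver on loopback; port 0 lets the OS choose.
    rx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    rx.bind(("127.0.0.1", 0))
    rx.settimeout(2.0)
    dest = rx.getsockname()

    senders, seen = [], []
    try:
        for _ in range(sockets):
            tx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
            senders.append(tx)  # kept open so its port cannot be handed out again
            ports = []
            for n in range(datagrams_per_socket):
                # No bind() call: the first sendto() makes the OS pick an
                # ephemeral port and bind the socket to it implicitly.
                tx.sendto(b"probe %d" % n, dest)
                _, (_, src_port) = rx.recvfrom(64)
                ports.append(src_port)
            # The local port the OS reports for the socket is the one
            # the receiver observed on the wire.
            assert tx.getsockname()[1] == ports[0]
            seen.append(ports)
    finally:
        for s in senders + [rx]:
            s.close()
    return seen

if __name__ == "__main__":
    for i, ports in enumerate(observe_udp_source_ports()):
        print(f"socket {i}: source ports {ports}")
```

Each socket reports one port for all of its datagrams, and each new socket gets its own port, so an application sees a new source port per request only if it opens a new socket per request.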