In general, ephemeral ports are used by clients when establishing a connection with the server.
For example:
- Server listens on port 80
- A client (browser, FTP client, BitTorrent client) sends a request to the server, including an ephemeral port assigned by the OS
- Server responds using the provided ephemeral port as the destination port
And now the question:
I wrote a server application which I would like to start on a random free port each time it is started (to keep this question concise I will not explain why I would like this behaviour). Now my question is what implications it would have if I use one of the ephemeral ports for the server to listen on. Are there any drawbacks (also in terms of security) of doing this?
Do you maybe know of any example of a server that also makes use of ephemeral ports in practice?
One of my concerns is also a statement from The TCP/IP Guide: A Comprehensive, Illustrated Internet Protocols Reference (page 705):
> Just as well-known and registered port numbers are used for server processes, ephemeral port numbers are for client processes only.
So... kind of like BitTorrent? – Journeyman Geek – 2014-05-09T06:47:41.743
Actually FTP did it first. It had the server connect back to the client on the port the client gave for data transfer. This didn't work with proxies and NATs so a passive mode was implemented that used the same connection that the client first used to transfer data. – Dan D. – 2014-05-09T07:07:53.163
Actually (if I understand right) BitTorrent and FTP clients are listening on an ephemeral port, but I would like the server to listen on an ephemeral port provided by the OS as long as the server is up. So my question is whether it is safe to do this, as ephemeral ports are generally used by clients for short-lived transport protocols. – PrimosK – 2014-05-09T07:46:05.627
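The setup the question describes, a server that takes whatever free port the OS hands out, corresponds to binding to port 0. The sketch below is an added example, not code from the post. It goes slightly beyond the question by also reporting the client's ephemeral source port and, on Linux, the kernel's configured ephemeral range. The function names are hypothetical, and the range file path is Linux-specific.

```python
import socket

def port_class(port):
    """Classify a port using the IANA ranges (the OS may use a different ephemeral range)."""
    if not 0 <= port <= 65535:
        raise ValueError("port out of range")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic"

def local_ephemeral_range(path="/proc/sys/net/ipv4/ip_local_port_range"):
    """Return (low, high) the Linux kernel assigns ephemeral ports from, or None."""
    try:
        with open(path) as f:
            low, high = map(int, f.read().split())
        return low, high
    except (OSError, ValueError):
        return None  # not Linux, or file unreadable

def demo():
    """Listen on an OS-chosen port, connect once, and return both sides' ports."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.settimeout(5)
        srv.bind(("127.0.0.1", 0))          # port 0: let the OS pick a free port
        srv.listen(1)
        server_port = srv.getsockname()[1]  # the port clients must be told about
        with socket.create_connection(("127.0.0.1", server_port), timeout=5) as cli:
            conn, peer = srv.accept()
            with conn:
                return {
                    "server_port": server_port,
                    "client_port": cli.getsockname()[1],  # client's ephemeral source port
                    "peer_port": peer[1],                 # same port, as seen by the server
                }

if __name__ == "__main__":
    result = demo()
    print("kernel ephemeral range:", local_ephemeral_range())
    for name, port in result.items():
        print(f"{name}: {port} ({port_class(port)})")
```

Because the listening port changes on every start, firewall rules and clients cannot rely on a fixed number and have to learn it from `getsockname()` output published some other way.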