Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 8F5D0200C38 for ; Wed, 15 Mar 2017 14:40:00 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 8E043160B78; Wed, 15 Mar 2017 13:40:00 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id B311A160B70 for ; Wed, 15 Mar 2017 14:39:59 +0100 (CET) Received: (qmail 35276 invoked by uid 500); 15 Mar 2017 13:39:57 -0000 Mailing-List: contact users-help@qpid.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@qpid.apache.org Delivered-To: mailing list users@qpid.apache.org Received: (qmail 35263 invoked by uid 99); 15 Mar 2017 13:39:56 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 15 Mar 2017 13:39:56 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 5874B1A08CC for ; Wed, 15 Mar 2017 13:39:56 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 2.379 X-Spam-Level: ** X-Spam-Status: No, score=2.379 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=2, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001] autolearn=disabled Authentication-Results: spamd2-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id 4O4WanlrSdst for ; Wed, 15 Mar 2017 13:39:54 +0000 (UTC) Received: from mail-qk0-f180.google.com (mail-qk0-f180.google.com [209.85.220.180]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTPS id CF3075FCD7 for ; Wed, 15 Mar 2017 13:39:53 +0000 (UTC) Received: by mail-qk0-f180.google.com with SMTP id 1so12814037qkl.3 for ; Wed, 15 Mar 2017 06:39:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=rIY6H5G1jp1r0nF6Mg98VDSIBGHvtSSebam9B6QNKDk=; b=VizdW8MRrYHfRlFtZ5oCpRHCkVEf5osbMFFCXQgxH8h/v0yqnkBAu5K45FtAOFl7fS XPH/oj7GOkni3N7TisPa0FGw0QTss8UJQSveRdKkUA6RCyz4H6l3LF4lp23hX2V89x4E dwAKTGCRL0iCGlClZlLknIhGgHow/HwD4SLP5ogkb9STG4M16Zn6OIVj8EHUbcwEsd2L 4DuU4nIycZ5h9iMLVJ/HIHiAcMsfXjOaS9WFTm5XYN4mAeJQ1kOymVZJFTqLWhsepHEu UUTS03AQawJrjW0oiG+dJJ9IETsMnv3hJKkAZc29xEgcu3Bz7HQ9edzU/WVDtrrax0rk egcg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=rIY6H5G1jp1r0nF6Mg98VDSIBGHvtSSebam9B6QNKDk=; b=E+TPyh3lyPbE2nL39x9AW/II001+6hqxTqSeyck3q2PnKm1Q9a/AZiPOXETLf7jHzK cYi51o3oFS1b8UKtvCTsSor4nOQF/qqWvpG6M2bPK/OAuQHt+27oJMwFq5si29xKB3E4 fWf+Ms5xnkIejbS00BTNyv/7xdcfC61whELWbDeWE6wGLxTNKf6d//K466xgZ804liKK IueSM9quxiV1h6PS6iKR7IYOpOD8Nh1HdkEjEWAuYUm9b3ZGe+O1iKjgpawgnG6tmx/0 Y4XRRu2Hl9PiDVsZWL3lwVV/a8fUj6zR/GAgkHex6botsN6K9PYEAHOwpTyM1rpLrvm2 crow== X-Gm-Message-State: AFeK/H3Twq9Xphfb1udBdqmQsIwh6mG48TceS+tsz1UUvUF60fNzfFT7hyd7wfqcNVACpzLvwrqUDuWq/HfDKA== X-Received: by 10.55.39.216 with SMTP id n207mr2679449qkn.315.1489585187291; Wed, 15 Mar 2017 06:39:47 -0700 (PDT) MIME-Version: 1.0 Received: by 10.12.137.59 with HTTP; Wed, 15 Mar 2017 06:39:46 -0700 (PDT) In-Reply-To: References: From: Rob Godfrey Date: Wed, 15 Mar 2017 14:39:46 +0100 Message-ID: Subject: Re: [Java Broker] Port 0 range To: "users@qpid.apache.org" Content-Type: multipart/alternative; boundary=94eb2c094a76f39240054ac513b7 archived-at: Wed, 15 Mar 2017 13:40:00 -0000 --94eb2c094a76f39240054ac513b7 Content-Type: text/plain; charset=UTF-8 On 14 March 2017 at 17:47, Adel Boutros wrote: > Hello Rob, > > > I think I wasn't clear enough. Sorry for that. > > > As referenced here[1], there are registered ports which are dynamic ports > however they identify a know service (5672 is one of them). > > What I am talking about are private dynamic ports (ephemeral ports) which > are not registered and to be used internally. > > > As this is not a requirement useful for all users of the Broker, I was > wondering if there was a way to specify a certain port range for the broker > to get an available port from it and which is a lot more restrictive than > the full dynamic range. > I understood your original question I think :-) You want to restrict which ports are allocated from when you pass in "0" as the service port number. As per my original answer, Qpid (or rather the JVM) simply uses the operating system to choose the port. The operating system is configured with a particular port range to pick the ephemeral port from... so I think this is something you would want to configure in your OS rather than in the broker. If the broker on your operating system is allowing ports which you believe should be restricted to well known services you should double check the operating system configuration. If the OS configuration looks correct, but the broker is allocating outside of that range then that would be interesting. -- Rob > > [1]: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers > > > ________________________________ > From: Rob Godfrey > Sent: Tuesday, March 14, 2017 5:25:56 PM > To: users@qpid.apache.org > Subject: Re: [Java Broker] Port 0 range > > So, the Broker is simply using the Java mechanism... and the Java mechanism > is (I presume) just obeying the settings in your operating system. Which > operating system are you seeing the broker pick "low" ports on, and how is > that operating system configured with respect to the "dynamic" port > range[1]? What sort of "low" numbers are you getting... which operating > system are you seeing this on... and does the port number you are seeing > lay outside the OS settings for dynamic port assignment? > > -- Rob > > [1] According to this ( > http://stackoverflow.com/questions/913501/how-to-let- > kernel-choose-a-port-number-in-the-range-1024-5000-in-tcp-socket-pr) > StackOverflow question, the following commands can be used to get the > operating system settings: > > Linux: > cat /proc/sys/net/ipv4/ip_local_port_range > Windows: > netsh int ipv4 show dynamicport tcp > OS X: > sysctl net.inet.ip.portrange.first net.inet.ip.portrange.last > Solaris: > /usr/sbin/ndd /dev/tcp tcp_smallest_anon_port tcp_largest_anon_port > > On 14 March 2017 at 16:56, Adel Boutros wrote: > > > Hello, > > > > > > We are asked to deploy broker on random ports. So we thought about using > > Port 0 and let the Broker find available ports. > > > > This works as expected however we have a concern with the port range. > > > > > > It seems by default Java will take any port outside the well known ports > > and assign it. However, in large environments, services are requested to > > use private/dynamic ports (range 49152 to 65535 as specified by the > > Internet Assigned Numbers Authority). > > > > > > So I was wondering if there was a way to make the broker respect this > port > > range when it is passed a port value of 0? > > > > > > Maybe allow the user to pass a property defining the range of ports > > available. > > > > > > What do you think? > > > > > > Regards, > > > > Adel > > > --94eb2c094a76f39240054ac513b7--