diff options
author | dillon <dillon@FreeBSD.org> | 2002-08-25 18:34:48 +0000 |
---|---|---|
committer | dillon <dillon@FreeBSD.org> | 2002-08-25 18:34:48 +0000 |
commit | 928233d6eae7ebe62aa70b3a64d8332d2eef20c7 (patch) | |
tree | b2bd46c060ff853c01b963b1f887beae8bed8415 /share/man/man7/tuning.7 | |
parent | 71adc61be23d61230b2921295477d8a0d3f534c1 (diff) | |
download | FreeBSD-src-928233d6eae7ebe62aa70b3a64d8332d2eef20c7.zip FreeBSD-src-928233d6eae7ebe62aa70b3a64d8332d2eef20c7.tar.gz |
Add a section on the net.inet.ip.portrange.* sysctls.
Suggested by: Mike Harding <mvh@ix.netcom.com>
MFC after: 3 days
Diffstat (limited to 'share/man/man7/tuning.7')
-rw-r--r-- | share/man/man7/tuning.7 | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/share/man/man7/tuning.7 b/share/man/man7/tuning.7 index 4a18e25..2cc2061 100644 --- a/share/man/man7/tuning.7 +++ b/share/man/man7/tuning.7 @@ -545,6 +545,32 @@ only effects data transmission (uploading / server-side). It does not effect data reception (downloading). .Pp The +.Va net.inet.ip.portrange.* +sysctls control the port number ranges automatically bound to TCP and UDP +sockets. There are three ranges: A low range, a default range, and a +high range, selectable via an IP_PORTRANGE setsockopt() call. Most +network programs use the default range which is controlled by +.Va net.inet.ip.portrange.first +and +.Va net.inet.ip.portrange.last , +which defaults to 1024 and 5000 respectively. Bound port ranges are +used for outgoing connections and it is possible to run the system out +of ports under certain circumstances. This most commonly occurs when you are +running a heavily loaded web proxy. The port range is not an issue +when running serves which handle mainly incoming connections such as a +normal web server, or has a limited number of outgoing connections such +as a mail relay. For situations where you may run yourself out of +ports we recommend increasing +.Va net.inet.ip.portrange.last +modestly. A value of 10000 or 20000 or 30000 may be reasonable. You should +also consider firewall effects when changing the port range. Some firewalls +may block large ranges of ports (usually low-numbered ports) and expect systems +to use higher ranges of ports for outgoing connections. For this reason +we do not recommend that +.Va net.inet.ip.portrange.first +be lowered. +.Pp +The .Va kern.ipc.somaxconn sysctl limits the size of the listen queue for accepting new TCP connections. The default value of 128 is typically too low for robust handling of new |