(转)Linux预留端口避免占用ip_local_reserved_ports
问题描述:
业务遇到这个情况,在重启服务时,出现1986端口被占用而无法启动,非得等该端口释放后才启动成功。
问题分析:
1986端口被该服务器上的客户端随机选取源端口给占用掉了。
解决方案:
使用net.ipv4.ip_local_port_range参数,规划出一段端口段预留作为服务的端口,这种方法是可以解决当前问题,但是会有个问题,端口使用量减少了,当服务器需要消耗大量的端口号的话,比如反代服务器,就存在瓶颈了。
最好的做法是将服务监听的端口以逗号分隔全部添加到ip_local_reserved_ports中,TCP/IP协议栈从ip_local_port_range中随机选取源端口时,会排除ip_local_reserved_ports中定义的端口,因此就不会出现端口被占用了服务无法启动。
ip_local_reserved_ports解释如下:
ip_local_reserved_ports - list of comma separated ranges
Specify the ports which are reserved for known third-party
applications. These ports will not be used by automatic port
assignments (e.g. when calling connect() or bind() with port
number 0). Explicit port allocation behavior is unchanged.
The format used for both input and output is a comma separated
list of ranges (e.g. "1,2-4,10-10" for ports 1, 2, 3, 4 and
10). Writing to the file will clear all previously reserved
ports and update the current list with the one given in the
input.
Note that ip_local_port_range and ip_local_reserved_ports
settings are independent and both are considered by the kernel
when determining which ports are available for automatic port
assignments.
You can reserve ports which are not in the current
ip_local_port_range, e.g.:
$ cat /proc/sys/net/ipv4/ip_local_port_range
32000 61000
$ cat /proc/sys/net/ipv4/ip_local_reserved_ports
8080,9148
although this is redundant. However such a setting is useful
if later the port range is changed to a value that will
include the reserved ports.
Default: Empty
https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt
net.ipv4.ip_local_reserved_ports = 1986, 11211-11220,32153
[warning]注意:内核版本要大于2.6.18-164,否则不支持该参数。[/warning]
转自:http://www.ttlsa.com/linux/reserved-port-to-avoid-occupying-ip_local_reserved_ports/