[Spread-users] INET unable to bind to port - force kill?
Jonathan Stanton
jonathan at cnds.jhu.edu
Wed Aug 1 10:52:32 EDT 2001
On Wed, Aug 01, 2001 at 09:39:49AM +0200, Marc ZYNGIER wrote:
> >>>>> "JS" == Jonathan Stanton <jonathan at cnds.jhu.edu> writes:
>
> JS> If the server had used RESUEADDR then a second copy of the server
> JS> (or ANY other program) could bind to port 5555 after the server
> JS> had started and it is not well defined who would get the data that
> JS> is sent to port 5555 (maybe one program maybe both).
>
> I'm afraid you're wrong here. Multiple bind and data delivery have
> quite clearly defined semantics :
>
> With or without SO_REUSEADDR, you cannot bind twice to the same
> interface (ip address). SO_REUSEADDR allows you to bind to the same
> port, using a different ip address. Each socket gets the traffic
> directed to the ip address it is bound to. Broadcasts are received on
> both. A socket bound to INADDR_ANY acts as a 'garbage collector' for
> data directed to ip addresses nobody is explicitly bound to.
Ok. I think this is right, but I don't have a copy of Stevens or other
documentation handy. The reason I thought it was not well defined is that I
vaugely remember that some implementations (from different OS's) did
actually do slightly different things here, even thought what you describe
makes the most sense and might be the 'standard' behaivor (as well as the
socket interface is standardized).
I was implicitly assuming the use of INADDR_ANY as
that is what spread uses in general. Just recently (as of 3.16.0) we added
the ability to directly bind to the actual interface IP addresses on the
daemon machine. We were thinking of this as useful if you do not want
Spread to listen on all of the interfaces, but the default of using
INADDR_A?NY is easier when you do not want to have to know which interfaces
you need to use.
> You can say 'security hole' if you use SO_REUSEADDR *and* bind to
> INADDR_ANY. That's the only way your traffic can be stolen. The right
> way to do this IMHO is to bind to a specific ip address. I use this on
> quite a lot of systems...
Yes. Spread could examine the interfaces when it starts and bind to all of
them which would be similar to INADDR_ANY, I think the main difference
would be with interfaces which were not up when Spread starts, but come up
afterwards. With INADDR_ANY Spread will also receive traffic on these new
interfaces ( I think ) with specific binds it will receive only the traffic
for the original interfaces.
> I personnaly run multiple Spread instances on my systems, one instance
> per network interface. SO_REUSEADDR is quite mandatory in this case
> (and yes, I want all of them to run on the same tcp port).
Sure, that makes sense and should work fine on the client-server side. Do
you also bind the daemon-to-daemon ports to specific interfaces ( I assume
yes ) and noone (or just one) binds the localhost address?
Jonathan
-------------------------------------------------------
Jonathan R. Stanton jonathan at cs.jhu.edu
Dept. of Computer Science
Johns Hopkins University
-------------------------------------------------------
More information about the Spread-users
mailing list