mirror-linux/include/net
Fernando Fernandez Mancera 7da62262ec inet: add ip_local_port_step_width sysctl to improve port usage distribution
With the current port selection algorithm, ports after a reserved port
range or a long-time-used port are used more often than others [1]. This
causes an uneven port usage distribution. This combines with cloud
environments blocking connections between the application server and the
database server if there was a previous connection with the same source
port, leading to connectivity problems between applications on cloud
environments.

The real issue here is that these firewalls cannot cope with
standards-compliant port reuse. This is a workaround for such situations
and an improvement on the distribution of ports selected.

The proposed solution is to implement a variant of RFC 6056 Algorithm 5.
The step size is selected randomly on every connect() call, ensuring it
is coprime with respect to the size of the range of ports we want to
scan. This way, we can ensure that all ports within the range are
scanned before returning an error. To enable this algorithm, the user
must configure the new sysctl option "net.ipv4.ip_local_port_step_width".

In addition, on graphs generated we can observe that the distribution of
source ports is more even with the proposed approach. [2]

[1] https://0xffsoftware.com/port_graph_current_alg.html

[2] https://0xffsoftware.com/port_graph_random_step_alg.html

Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Fernando Fernandez Mancera <fmancera@suse.de>
Link: https://patch.msgid.link/20260309023946.5473-2-fmancera@suse.de
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2026-03-10 18:59:39 -07:00
9p 9p: convert to the new mount API 2025-11-03 16:49:53 +09:00
bluetooth Bluetooth: L2CAP: Fix result of L2CAP_ECRED_CONN_RSP when MTU is too short 2026-02-23 15:28:56 -05:00
caif caif: Remove unused cfsrvl_getphyid 2024-10-08 15:33:49 -07:00
iucv treewide: Replace kmalloc with kmalloc_obj for non-scalar types 2026-02-21 01:02:28 -08:00
libeth libeth, idpf: use truesize as XDP RxQ info frag_size 2026-03-05 08:02:05 -08:00
mana net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response 2026-03-10 13:39:51 +01:00
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2026-03-05 12:11:05 -08:00
netns inet: add ip_local_port_step_width sysctl to improve port usage distribution 2026-03-10 18:59:39 -07:00
nfc nfc: nci: Fix race between rfkill and nci_unregister_device(). 2026-01-28 19:32:26 -08:00
page_pool Revert "Merge branch 'netkit-support-for-io_uring-zero-copy-and-af_xdp'" 2026-01-20 18:06:01 -08:00
phonet phonet: Convert phonet_routes.lock to spinlock_t. 2024-10-24 16:03:40 +02:00
phy net: phy: realtek: add dummy PHY driver for RTL8127ATF 2026-01-12 19:29:11 -08:00
psp psp: add stats from psp spec to driver facing api 2025-11-07 18:53:57 -08:00
sctp sctp: Remove unused declaration sctp_auth_init_hmacs() 2025-11-14 18:00:34 -08:00
tc_act net/sched: act_ife: Fix metalist update behavior 2026-03-05 07:54:08 -08:00
6lowpan.h
Space.h net: appletalk: remove cops support 2023-10-04 11:49:20 -07:00
act_api.h net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks 2026-02-27 19:06:21 -08:00
addrconf.h ipv6: addrconf: reduce default temp_valid_lft to 2 days 2026-02-17 17:12:06 -08:00
af_ieee802154.h
af_rxrpc.h rxrpc: Remove deadcode 2025-04-24 17:03:45 -07:00
af_unix.h af_unix: Introduce SO_INQ. 2025-07-08 18:05:25 -07:00
af_vsock.h vsock: lock down child_ns_mode as write-once 2026-02-26 11:10:03 +01:00
ah.h
aligned_data.h udp: move udp_memory_allocated into net_aligned_data 2025-07-02 14:22:02 -07:00
amt.h
arp.h
atmclip.h
ax25.h Summary 2026-02-18 10:45:36 -08:00
ax88796.h
bareudp.h
bond_3ad.h bonding: support aggregator selection based on port priority 2025-09-09 10:56:02 +02:00
bond_alb.h bonding: Correct spelling in headers 2024-08-26 09:37:22 -07:00
bond_options.h bonding: add support for per-port LACP actor priority 2025-09-09 10:56:02 +02:00
bonding.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2026-03-05 12:11:05 -08:00
bpf_sk_storage.h
busy_poll.h net: gro: decouple GRO from the NAPI layer 2025-02-27 14:03:14 +01:00
calipso.h move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
can.h can: add CAN skb extension infrastructure 2026-02-05 11:58:39 +01:00
cfg80211-wext.h
cfg80211.h wifi: cfg80211: support key installation on non-netdev wdevs 2026-03-02 11:28:33 +01:00
cfg802154.h mac802154: fix llsec key resources release in mac802154_llsec_key_del 2024-03-06 21:01:26 +01:00
checksum.h net: Fix checksum update for ILA adj-transport 2025-05-30 19:53:51 -07:00
cipso_ipv4.h move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
cls_cgroup.h net/cls_cgroup: Fix task_get_classid() during qdisc run 2025-09-14 11:55:04 -07:00
codel.h
codel_impl.h
codel_qdisc.h
compat.h
datalink.h
dcbevent.h
dcbnl.h
devlink.h devlink: support default values for param-get and param-set 2025-11-20 19:01:22 -08:00
dropreason-core.h net: sched: sch_dualpi2: use qdisc_dequeue_drop() for dequeue drops 2026-02-28 15:31:35 -08:00
dropreason-qdisc.h net: sched: sch_dualpi2: use qdisc_dequeue_drop() for dequeue drops 2026-02-28 15:31:35 -08:00
dropreason.h net: sched: introduce qdisc-specific drop reason tracing 2026-02-28 15:31:34 -08:00
dsa.h net: dsa: add tag format for MxL862xx switches 2026-02-11 11:27:57 +01:00
dsa_stubs.h net: dsa: Use conduit and user terms 2023-10-24 13:08:14 -07:00
dscp.h net: add IEEE 802.1q specific helpers 2024-05-08 10:35:09 +01:00
dsfield.h
dst.h inet: add dst4_mtu() and dst6_mtu() helpers 2026-02-02 17:49:29 -08:00
dst_cache.h net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
dst_metadata.h net: dst_metadata: fix IP_DF bit not extracted from tunnel headers 2025-09-14 14:28:12 -07:00
dst_ops.h net: fix __dst_negative_advice() race 2024-05-29 17:34:49 -07:00
eee.h net: simplify eeecfg_mac_can_tx_lpi 2024-11-13 18:49:50 -08:00
erspan.h net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
esp.h
espintcp.h inet: preserve const qualifier in inet_csk() 2024-04-01 21:27:08 -07:00
ethoc.h
failover.h
fib_notifier.h net: do not acquire rtnl in fib_seq_sum() 2024-10-11 15:35:05 -07:00
fib_rules.h net: fib_rules: Fix iif / oif matching on L3 master device 2025-04-15 17:54:56 -07:00
firewire.h
flow.h ipv4: Convert ->flowi4_tos to dscp_t. 2025-08-26 17:34:31 -07:00
flow_dissector.h flow_dissector: cleanup FLOW_DISSECTOR_KEY_ENC_FLAGS 2024-07-15 09:14:39 -07:00
flow_offload.h net: dsa: eliminate local type for tc policers 2026-02-10 15:30:11 +01:00
fou.h
fq.h
fq_impl.h Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
garp.h
gen_stats.h
genetlink.h genetlink: fix typo in comment 2025-09-03 15:16:49 -07:00
geneve.h
gre.h ip_tunnel: convert __be16 tunnel flags to bitmaps 2024-04-01 10:49:28 +01:00
gro.h gro: inline tcp6_gro_complete() 2026-01-21 19:28:32 -08:00
gro_cells.h
gso.h
gtp.h gtp: properly parse extension headers 2024-05-07 01:35:55 +02:00
gue.h
handshake.h
hotdata.h net-sysfs: use rps_tag_ptr and remove metadata from rps_sock_flow_table 2026-03-04 16:54:09 -08:00
hwbm.h net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
icmp.h ipv4: icmp: Pass IPv4 control block structure as an argument to __icmp_send() 2025-09-11 12:22:38 +02:00
ieee8021q.h net: add IEEE 802.1q specific helpers 2024-05-08 10:35:09 +01:00
ieee80211_radiotap.h wifi: mac80211: add RX flag to report radiotap VHT information 2025-10-30 08:38:51 +01:00
ieee802154_netdev.h mac802154: Handle association requests from peers 2023-11-20 11:43:03 +01:00
if_inet6.h ipv6: anycast: complete RCU handling of struct ifacaddr6 2024-02-26 18:40:34 -08:00
ife.h
inet6_connection_sock.h tcp: move inet6_csk_update_pmtu() to tcp_ipv6.c 2026-02-24 17:47:27 -08:00
inet6_hashtables.h tcp: Initialise ehash secrets during connect() and listen(). 2026-03-05 18:50:05 -08:00
inet_common.h net: remove addr_len argument of recvmsg() handlers 2026-03-02 18:17:17 -08:00
inet_connection_sock.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2026-02-26 10:23:00 -08:00
inet_dscp.h ipv4: Convert ->flowi4_tos to dscp_t. 2025-08-26 17:34:31 -07:00
inet_ecn.h tcp: ECT_1_NEGOTIATION and NEEDS_ACCECN identifiers 2026-02-03 15:13:24 +01:00
inet_frag.h inet: frags: flush pending skbs in fqdir_pre_exit() 2025-12-10 01:15:27 -08:00
inet_hashtables.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2026-03-05 12:11:05 -08:00
inet_sock.h ipv6: colocate inet6_cork in inet_cork_full 2026-02-02 17:49:30 -08:00
inet_timewait_sock.h tcp: Update bind bucket state on port release 2025-09-23 10:12:15 +02:00
inetpeer.h inetpeer: remove create argument of inet_getpeer() 2024-12-17 19:37:00 -08:00
ioam6.h ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data() 2026-02-13 12:24:05 -08:00
ip.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2026-03-05 12:11:05 -08:00
ip6_checksum.h udp: move udp6_csum_init() back to net/ipv6/udp.c 2026-02-24 16:30:40 -08:00
ip6_fib.h ipv6: Defer fib6_purge_rt() in fib6_add_rt2node() to fib6_add(). 2025-04-24 09:29:56 +02:00
ip6_route.h ipv6: make ipv6_anycast_destination logic usable without dst_entry 2026-03-04 11:45:44 +01:00
ip6_tunnel.h ipv6: adopt skb_dst_dev() and skb_dst_dev_net[_rcu]() helpers 2025-07-02 14:32:30 -07:00
ip_fib.h net: ipv4: fix ARM64 alignment fault in multipath hash seed 2026-03-03 17:20:37 -08:00
ip_tunnels.h ipv4: ip_tunnel: spread netdev_lockdep_set_classes() 2026-01-08 18:02:35 -08:00
ip_vs.h ipvs: use more keys for connection hashing 2026-03-04 11:45:45 +01:00
ipcomp.h xfrm: ipcomp: Use crypto_acomp interface 2025-03-21 17:36:49 +08:00
ipconfig.h
ipv6.h net: remove addr_len argument of recvmsg() handlers 2026-03-02 18:17:17 -08:00
ipv6_frag.h inet: frags: flush pending skbs in fqdir_pre_exit() 2025-12-10 01:15:27 -08:00
ipv6_stubs.h net: Convert proto callbacks from sockaddr to sockaddr_unsized 2025-11-04 19:10:33 -08:00
iw_handler.h Revert "wifi: cfg80211: unexport wireless_nlevent_flush()" 2024-10-09 08:53:01 +02:00
kcm.h net: kcm: Fix race condition in kcm_unattach() 2025-08-13 18:18:33 -07:00
l3mdev.h net: l3mdev: use skb_dst_dev_rcu() in l3mdev_l3_out() 2026-02-02 17:09:11 -08:00
lag.h
lapb.h net: lapb: increase LAPB_HEADER_LEN 2024-12-06 17:43:08 -08:00
llc.h
llc_c_ac.h
llc_c_ev.h
llc_c_st.h llc: Constify struct llc_conn_state_trans 2024-07-15 08:51:01 -07:00
llc_conn.h
llc_if.h
llc_pdu.h net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
llc_s_ac.h
llc_s_ev.h
llc_s_st.h llc: Constify struct llc_sap_state_trans 2024-07-15 08:51:19 -07:00
llc_sap.h
lwtunnel.h net: dst: annotate data-races around dst->output 2025-07-02 14:32:30 -07:00
mac80211.h wifi: mac80211: Fix AAD/Nonce computation for management frames with MLO 2026-03-02 09:53:19 +01:00
mac802154.h move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
macsec.h net: macsec: Add endianness annotations in salt struct 2025-01-20 12:20:42 +00:00
mctp.h net: mctp: Allow limiting binds to a peer address 2025-07-15 12:08:39 +02:00
mctpdevice.h net: mctp: Expose transport binding identifier via IFLA attribute 2024-11-09 09:04:54 -08:00
mip6.h
mld.h
mpls.h
mpls_iptunnel.h
mptcp.h mptcp: sched: remove mptcp_sched_data 2025-04-15 08:21:46 -07:00
mrp.h
ncsi.h
ndisc.h net: replace ND_PRINTK with dynamic debug 2025-07-10 15:27:32 -07:00
neighbour.h neighbour: Convert rwlock of struct neigh_table to spinlock. 2025-10-24 17:57:20 -07:00
neighbour_tables.h neighbour: Create netdev->neighbour association 2024-11-09 13:22:57 -08:00
net_debug.h Kbuild updates for v6.13 2024-11-30 13:41:50 -08:00
net_failover.h
net_namespace.h netns: optimize netns cleaning by batching unhash_nsid calls 2026-02-06 20:01:31 -08:00
net_ratelimit.h
net_shaper.h net-shapers: implement NL get operation 2024-10-10 08:30:22 -07:00
net_trackers.h
netdev_lock.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2025-05-22 09:42:41 -07:00
netdev_netlink.h net: add granular lock for the netdev netlink socket 2025-03-12 13:32:35 -07:00
netdev_queues.h net: add queue config validation callback 2026-01-23 11:49:02 -08:00
netdev_rx_queue.h net-sysfs: use rps_tag_ptr and remove metadata from rps_dev_flow_table 2026-03-04 16:54:10 -08:00
netevent.h
netkit.h bpf, netkit: Add indirect call wrapper for fetching peer dev 2023-11-20 10:15:16 -08:00
netlabel.h Networking changes for 6.13. 2024-11-21 08:28:08 -08:00
netlink.h netlink: introduce type-checking attribute iteration for nlmsg 2025-07-02 15:39:04 -07:00
netmem.h netmem: remove the pp fields from net_iov 2026-02-26 19:45:24 -08:00
netprio_cgroup.h
netrom.h
nexthop.h ipv6: Protect nh->f6i_list with spinlock and flag. 2025-04-24 09:29:56 +02:00
nl802154.h nl802154: fix some kernel-doc warnings 2025-10-20 17:13:40 -07:00
nsh.h
pfcp.h net: pfcp: fix typo in message_priority field name 2025-06-13 18:17:08 -07:00
pie.h
ping.h net: remove addr_len argument of recvmsg() handlers 2026-03-02 18:17:17 -08:00
pkt_cls.h net: sched: fix TCF_LAYER_TRANSPORT handling in tcf_get_base_ptr() 2025-11-24 18:53:14 -08:00
pkt_sched.h net/sched: don't use dynamic lockdep keys with clsact/ingress/noqueue 2026-02-05 09:32:45 -08:00
pptp.h
proto_memory.h net: Allow opt-out from global protocol memory accounting. 2025-10-16 12:04:47 -07:00
protocol.h ipv6: move tcp_ipv6_hash_secret and udp_ipv6_hash_secret to net_hotdata 2024-03-07 21:12:43 -08:00
psample.h net: psample: fix flag being set in wrong skb 2024-07-11 18:11:31 -07:00
psnap.h
psp.h psp: base PSP device support 2025-09-18 12:32:06 +02:00
raw.h net: use NUMA drop counters for softnet_data.dropped 2025-09-14 11:35:17 -07:00
rawv6.h
red.h net: sched: Correct spelling in headers 2024-08-26 09:37:23 -07:00
regulatory.h net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
request_sock.h tcp: move __reqsk_free() out of line 2026-02-05 09:23:06 -08:00
rose.h net: rose: convert 'use' field to refcount_t 2025-08-27 07:43:08 -07:00
route.h net: use dst_dev_rcu() in sk_setup_caps() 2025-08-29 19:36:32 -07:00
rpl.h
rps-types.h net: add rps_tag_ptr type and helpers 2026-03-04 16:54:09 -08:00
rps.h net-sysfs: use rps_tag_ptr and remove metadata from rps_dev_flow_table 2026-03-04 16:54:10 -08:00
rsi_91x.h
rstreason.h net: Retire DCCP socket. 2025-04-11 18:58:10 -07:00
rtnetlink.h rtnetlink: Remove "net" from newlink params 2025-02-21 15:28:03 -08:00
rtnh.h
sch_generic.h net/sched: do not reset queues in graft operations 2026-03-09 18:55:55 -07:00
sch_priv.h net/sched: Export mq functions for reuse 2026-01-13 11:54:29 +01:00
scm.h af_unix/scm: fix whitespace errors 2025-07-04 09:32:35 +02:00
secure_seq.h tcp: secure_seq: add back ports to TS offset 2026-03-04 17:44:35 -08:00
seg6.h ipv6: sr: restruct ifdefines 2024-05-30 18:29:38 -07:00
seg6_hmac.h ipv6: sr: Prepare HMAC key ahead of time 2025-08-26 18:11:29 -07:00
seg6_local.h seg6: Use nested-BH locking for seg6_bpf_srh_states. 2024-06-24 16:41:23 -07:00
selftests.h net: selftests: export packet creation helpers for driver use 2025-11-06 13:38:11 +01:00
slhc_vj.h
smc.h net/smc: bpf: Introduce generic hook for handshake flow 2025-11-10 11:19:41 -08:00
snmp.h net: snmp: remove SNMP_MIB_SENTINEL 2025-09-08 18:06:21 -07:00
sock.h net: remove addr_len argument of recvmsg() handlers 2026-03-02 18:17:17 -08:00
sock_reuseport.h net: core: annotate socks of struct sock_reuseport with __counted_by 2024-08-02 17:16:59 -07:00
stp.h
strparser.h strparser: Remove unused __strp_unpause 2025-05-05 16:48:12 -07:00
switchdev.h net: bridge: switchdev: Skip MDB replays of deferred events on offload 2024-02-16 09:36:37 +00:00
tc_wrapper.h net/sched: refine indirect call mitigation in tc_wrapper.h 2026-03-09 19:31:41 -07:00
tcp.h tcp: inline tcp_chrono_start() 2026-03-09 19:34:00 -07:00
tcp_ao.h tcp: Free TCP-AO/TCP-MD5 info/keys without RCU 2025-09-11 19:05:56 -07:00
tcp_ecn.h tcp: accecn: add tcpi_ecn_mode and tcpi_option2 in tcp_info 2026-02-03 15:13:25 +01:00
tcp_states.h tcp: Dump bound-only sockets in inet_diag. 2023-12-04 14:45:26 -08:00
tcx.h bpf: Remove location field in tcx_link 2025-07-11 11:00:57 -07:00
timewait_sock.h tcp: Remove timewait_sock_ops.twsk_destructor(). 2025-08-25 17:53:35 -07:00
tipc.h
tls.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2025-10-31 06:46:03 -07:00
tls_prot.h
tls_toe.h
transp_v6.h
tso.h
tun_proto.h
udp.h net: fix off-by-one in udp_flow_src_port() / psp_write_headers() 2026-03-04 16:51:10 -08:00
udp_tunnel.h geneve: expose gso partial features for tunnel offload 2026-01-23 11:31:14 -08:00
udplite.h udplite: fix various data-races 2023-09-14 16:16:36 +02:00
vsock_addr.h net: Convert proto_ops connect() callbacks to use sockaddr_unsized 2025-11-04 19:10:32 -08:00
vxlan.h vxlan: Support MC routing in the underlay 2025-06-17 18:18:46 -07:00
wext.h
x25.h net/x25: Remove unused x25_terminate_link() 2025-07-14 17:19:13 -07:00
x25device.h
xdp.h bpf-next-for-netdev 2025-09-24 10:22:37 -07:00
xdp_priv.h
xdp_sock.h xsk: add indirect call for xsk_destruct_skb 2025-11-11 10:21:08 +01:00
xdp_sock_drv.h xsk: introduce helper to determine rxq->frag_size 2026-03-05 08:02:03 -08:00
xfrm.h xfrm: reduce struct sec_path size 2026-02-10 20:21:48 -08:00
xsk_buff_pool.h xsk: move cq_cached_prod_lock to avoid touching a cacheline in sending path 2026-01-15 10:07:45 +01:00