Source port on AIX for NAS is same?


Thread Tools Search this Thread
# 15  
Old 06-21-2018
Originally Posted by anil1000
How to keep it alive? What do you mean by this, which connection to keep it alive? Kindly suggest..
In regular intervals packets are sent in an existing connection to make sure the partner still is there. These packets are called "keepalive" packets. If these packets are not received the partner assumes that the other side went dead and closes the connection.

Think of a connection like a telephone call: when you talk to someone you expect some sort of acknowledgement that the other is still listening at times, be it "aha" or "hmm" or something such. If you don't get that you may ask "are you still there" - and if there is no answer you hang up. This is quite the same mechanism.

I hope that helps.

# 16  
Old 06-21-2018
In addition to what Bakunin said:
A firewall drops or rejects a connection after a certain period if there is no activity.
A keep-alive message can be sent as a null packet periodically by the client to keep a service alive. This keeps the firewall from dropping the connection. Of course if this is done liberally by every host for every connection then the connection table in the firewall would become too long. That is why some firewalls detect this behavior and ignore keepalives messages.
# 17  
Old 08-15-2018
I know this is an old discussion - but your problem is, imho, self-inflicted.

michael@x071:[/home/michael]nfso -h nfs_use_reserved_ports
Specifies using nonreserved IP port number.
        Default: 0
        Range: 0 - 1
        Type: Dynamic
        Unit: On/Off
Value of 0 will use nonreserved IP port number when the NFS client communicates with the NFS server.

The default is zero (0)
michael@x071:[/home/michael]nfso -o nfs_use_reserved_ports
nfs_use_reserved_ports = 0

In the early 1980's there was this idea that port numbers less than 1024 could be "trusted" because only the super-user (aka root) could access them. This trust has been misplaced since the late 1980's as too many processes can access this so-called trusted ports. Why trust NFS (on port 2049)? It is well above 1024. Why it that number above 2049 trust-worthy and not other numbers.

In short, "trusted ports" exist in that it is still specified that a kernel privilege is needed to "open" aka request a connection from/to any other port.

If someone, even from your local security, says they MUST be 1023 and smaller - of course you can comply - BUT they are causing another security concept to become breached - availability. Not enough ports means no connectivity.

In short, port numbers - there is no added trust because a specific port number is being used. There might be a technical reason (e.g., firewall rules) to stay in a particular range - but the port number itself neither adds nor subtracts from the application security.

My 4 cents - hope it gets you decent coffee Smilie

Thread Tools Search this Thread
Search this Thread:
Advanced Search

More UNIX and Linux Forum Topics You Might Find Helpful
How to release port on AIX? Mcipamo UNIX for Advanced & Expert Users 5 11-29-2018 03:56 PM
AIX Frame: NIC port down gps1976 AIX 1 01-22-2015 08:35 AM
XVFB Source package for AIX prathap.g AIX 3 07-16-2014 03:47 AM
Help with AIX port limit Lucas_0418 UNIX for Advanced & Expert Users 2 03-24-2014 11:11 PM
Changing source port number of a TCP client packet anuragrai134 Programming 0 03-24-2010 01:42 AM
Who's using my port in AIX tenderfoot AIX 1 03-05-2010 06:08 AM
How to compile a package in AIX when we download its source? johnveslin AIX 2 03-01-2010 06:58 PM
Compiling samba from source in AIX 5.3 raidzero AIX 4 01-18-2010 12:51 PM
AIX(VIO/LPAR) with Free NAS ISCSI solution kabir AIX 4 12-08-2009 10:09 AM
Serial port in AIX pchangba AIX 1 07-15-2009 07:04 AM
how to port a package to huge source code having its own make and compilers Gopi Krishna P UNIX for Advanced & Expert Users 1 05-29-2009 12:16 PM
Source code for serial port smartgupta Programming 0 12-16-2008 09:51 AM
How to open a port in AIX sanju_d1231 AIX 2 05-07-2008 05:38 AM
Good source of AIX Specific Scripting? dbridle AIX 3 03-15-2006 10:48 AM