Although 1-65535 are legit TCP ports and it is true that 1-1023 are for well known port services. You may run into random issues with your own services if they are started after an ephemeral port is established. For those who may not know, ephemeral ports are those that are connected locally for remote end points (or something to that effect). So if you write a TCP service that listens on port 20001. You might be good today... and tomorrow. But one day your service may startup and attempt to bind to 20001 and it will fail because it was taken as an ephemeral port. There is a solution. You must have your admin, or yourself, change the system ephemeral port range policy on your server. On linux systems it is done in two steps:
- Dynamically
- Permanently
Both steps must be taken, unless you are planning to reboot (in which case the Dynamic step is not needed). To set your range up to 40000 thru 65535 do the following:
Dynamic
echo 40000 65535 > /proc/sys/net/ipv4/ip_local_port_range
or
sysctl -w net.ipv4.ip_local_port_range="40000 65535"
Permanent
Add the following to /etc/sysctl.conf:
net.ipv4.ip_local_port_range = 40000 65535
To read the current setting or to confirm the change:
/sbin/sysctl net.ipv4.ip_local_port_range
The output will be something like this:
net.ipv4.ip_local_port_range = 9000 65500
Be sure you understand the purpose of your server. Reducing the range too much can lead to other issues.
Happy Coding! (or whatever you do)
