From 3c4084c30c60a390bc432a9c8fd6f7e461a0aaae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= Date: Tue, 24 Sep 2024 16:18:24 -0300 Subject: [PATCH] ares_socket: set IP_BIND_ADDRESS_NO_PORT on ares_set_local_ip* tcp sockets (#887) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If you bind to a local address, you now only have approx 32k possible source ports to initiate connections. In modern days that can quickly run out. setting IP_BIND_ADDRESS_NO_PORT let's the kernel choose a port at connect time, increasing the limit of combinations to around a million. Authored-By: Cristian Rodríguez (@crrodriguez)
---
 src/lib/ares_socket.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/lib/ares_socket.c b/src/lib/ares_socket.c
index 776dff69..55de6a39 100644
--- a/src/lib/ares_socket.c
+++ b/src/lib/ares_socket.c
@@ -574,7 +574,12 @@ ares_status_t ares_socket_configure(ares_channel_t *channel, int family,
 sizeof(channel->local_ip6));
 bindlen = sizeof(local.sa6);
 }
-
+#ifdef IP_BIND_ADDRESS_NO_PORT
+ if (is_tcp && bindlen) {
+ int opt = 1;
+ (void) setsockopt(fd, SOL_IP, IP_BIND_ADDRESS_NO_PORT, &opt, sizeof(opt));
+ }
+#endif
 if (bindlen && bind(fd, &local.sa, bindlen) < 0) {
 return ARES_ECONNREFUSED;
 }
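Review bot: The new `setsockopt` call passes `SOL_IP` as the level while the `#ifdef` guards only `IP_BIND_ADDRESS_NO_PORT`, so a platform whose headers define the option but not the Linux-specific `SOL_IP` alias would fail to build; `IPPROTO_IP` is the portable spelling of the same level, i.e. `(void) setsockopt(fd, IPPROTO_IP, IP_BIND_ADDRESS_NO_PORT, &opt, sizeof(opt));`. The discarded return value looks deliberate, since a kernel without the option would reject it and the `bind()` that follows still works, but nothing in the code says so; a one-line comment above the block such as `/* Best effort: defer source-port selection to connect(); failure is harmless */` would stop a later reader from treating it as a missed error check. The block also runs on the `local_ip6` path visible in the context lines, so it is worth confirming that an IP-level option takes effect on an AF_INET6 socket on the kernels you target. `ares_socket_configure` begins and ends outside this hunk.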