using multiple addresses to avoid running out of source ports (Performance and cheap storage)

Greg A. Woods woods-cyrus at
Tue Aug 8 15:44:42 EDT 2006

At Tue, 8 Aug 2006 15:59:52 +1000,
Bron Gondwana wrote:
> Yes, exactly - though we're thinking about asking Igor (the author
> of Nginx) to allow you to choose a local bind address for each
> connection.

Note that, IIUC, with *BSD at least the source address is chosen based
on the peer's network address when the peer is on a locally attached
physical network.  I.e. put several pairs of interface alias addresses
on each of the front-end and back-end machines with each pair in a
different logical subnet (all attached to the same interface and running
over the same private physical network segment, and all using RFC-1918
private addresses of course unless you have lots of spare public subnets
to play with).

If I'm mistaken about how interface alias addresses might work this way
then it would still be possible to do what I'm saying with a virtual
group of VLAN interfaces.  That way the network stack would be forced to
assign a local address based on the local VLAN interface the connection
goes out on.  That's trivial to do on FreeBSD or NetBSD with vlan(4).

(You wouldn't really have to use separate subnets when each address pair
is locked into its own private VLAN either, not that there aren't
zillions of available private subnets to play with. :-))

						Greg A. Woods

H:+1 416 218-0098 W:+1 416 489-5852 x122 VE3TCP RoboHack <woods at>
Planix, Inc. <woods at>       Secrets of the Weird <woods at>
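
Added example, not part of the original message and not BSD kernel code: a simplified Python model of the scheme described above, where the source address for an on-link peer is the local alias in the peer's subnet, so spreading connections over several alias pairs multiplies the usable source ports. The addresses, the function names and the ephemeral port range are constructed assumptions.

```python
import ipaddress
from itertools import cycle

# Constructed sample addressing: three alias pairs, one RFC 1918 subnet per pair.
FRONT_ALIASES = [ipaddress.ip_interface(a) for a in
                 ("10.0.1.1/24", "10.0.2.1/24", "10.0.3.1/24")]
BACK_ADDRS = [ipaddress.ip_address(a) for a in
              ("10.0.1.2", "10.0.2.2", "10.0.3.2")]

# Assumed ephemeral port range (IANA dynamic ports); real systems are tunable.
EPHEMERAL_PORTS = range(49152, 65536)


def select_source(aliases, peer):
    """Model on-link source selection: use the alias whose subnet holds the peer."""
    matches = [a for a in aliases if peer in a.network]
    if not matches:
        return None  # peer is not directly attached; the routing table decides
    # Prefer the most specific subnet if alias networks overlap.
    return max(matches, key=lambda a: a.network.prefixlen).ip


def plan_connections(aliases, back_addrs, count):
    """Round-robin over back-end addresses; return (src, dst) per connection."""
    plan = []
    for _, dst in zip(range(count), cycle(back_addrs)):
        plan.append((select_source(aliases, dst), dst))
    return plan


def tuple_capacity(aliases, back_addrs, ports=EPHEMERAL_PORTS):
    """Upper bound on concurrent connections to one back-end port in this model."""
    pairs = {(select_source(aliases, d), d) for d in back_addrs}
    pairs = {p for p in pairs if p[0] is not None}
    # Each distinct (src IP, dst IP) pair gets its own full set of source ports.
    return len(pairs) * len(ports)


if __name__ == "__main__":
    for src, dst in plan_connections(FRONT_ALIASES, BACK_ADDRS, 4):
        print(f"{src} -> {dst}")
    print("capacity:", tuple_capacity(FRONT_ALIASES, BACK_ADDRS))
```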
