NetBSD-Users archive


Re: Max concurrent connections and TCP port limits

On Aug 24, 2010, at 6:38 11AM, Sad Clouds wrote:

> Hi, I was pondering about the absolute maximum number of concurrent TCP
> connections a given machine can support. In the old days the limit was
> dictated by the CPU speed and/or available memory.
> Well, these days it seems the limit is TCP's 16-bit port numbers. If
> you have a single NAT firewall, or a load balancer in front of many
> machines, how can it support more than 65536 concurrent TCP connections?
> One possible (the only?) way is to bind multiple IP addresses to the
> same physical machine, then theoretically you can have a maximum of:
> num_IP_addr * 2^16 concurrent TCP connections
> Any idea if the NetBSD TCP stack can handle such a case, i.e. can it reuse
> the same ephemeral port number with different IP addresses?

When it's acting as a server, it can almost certainly handle that with no 
problem whatsoever.  For client port numbers, I believe you have to remember to 
set SO_REUSEADDR before you can bind to it.

A TCP connection is defined by the 4-tuple <local IP, local port, remote IP,
remote port>.  You can have very many connections to port 80 if they're all
coming from different remote ports or remote hosts.  Thus, you can also
increase the number of IP addresses on your front end box.

                --Steve Bellovin,
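
The 4-tuple point above, as an added example that is not part of the thread: two client sockets on one host bind the same local IP and local port (the second one only succeeds because both set SO_REUSEADDR) and connect to two different loopback listeners, so the kernel accepts both because the remote ports differ. The listeners are a constructed test setup on 127.0.0.1, and the duplicate-bind behaviour assumes Linux SO_REUSEADDR semantics.

```python
import socket

# Constructed demo: the connection identity is <local IP, local port, remote IP,
# remote port>, so one local port can carry several connections if the remote
# end differs. Assumes Linux semantics for SO_REUSEADDR on non-listening sockets.

def listener():
    """Start a loopback TCP listener on a kernel-chosen port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(2)
    return srv

def connect_from(local_port, remote_port):
    """Connect from a fixed local port. SO_REUSEADDR must be set before bind,
    otherwise the second bind to an already-used local port fails with EADDRINUSE."""
    c = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    c.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    c.bind(("127.0.0.1", local_port))
    c.connect(("127.0.0.1", remote_port))
    return c

def demo():
    """Return the two 4-tuples (local IP, local port, remote IP, remote port)."""
    a, b = listener(), listener()
    try:
        c1 = connect_from(0, a.getsockname()[1])      # kernel picks the ephemeral port
        lport = c1.getsockname()[1]
        c2 = connect_from(lport, b.getsockname()[1])  # reuse it toward a different remote port
        s1, _ = a.accept()
        s2, _ = b.accept()
        tuples = [c1.getsockname() + c1.getpeername(),
                  c2.getsockname() + c2.getpeername()]
        for s in (c1, c2, s1, s2):
            s.close()
        return tuples
    finally:
        a.close()
        b.close()

if __name__ == "__main__":
    for t in demo():
        print(t)
```

Scaling this to the original question means binding each client socket to a different local address as well, which multiplies the usable port space by the number of addresses.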
