預留端口避免佔用ip_local_reserved_ports

問題描述：
業務遇到這個狀況，在重啓服務時，出現1986端口被佔用而沒法啓動，非得等該端口釋放後才啓動成功。

問題分析：
1986端口被該服務器上的客戶端隨機選取源端口給佔用掉了。

解決方案：
使用net.ipv4.ip_local_port_range參數，規劃出一段端口段預留做爲服務的端口，這種方法是能夠解決當前問題，可是會有個問題，端口使用量減小了，當服務器須要消耗大量的端口號的話，好比反代服務器，就存在瓶頸了。
最好的作法是將服務監聽的端口以逗號分隔所有添加到ip_local_reserved_ports中，TCP/IP協議棧從ip_local_port_range中隨機選取源端口時，會排除ip_local_reserved_ports中定義的端口，所以就不會出現端口被佔用了服務沒法啓動。

ip_local_reserved_ports解釋以下：
ip_local_reserved_ports – list of comma separated ranges
Specify the ports which are reserved for known third-party
applications. These ports will not be used by automatic port
assignments (e.g. when calling connect() or bind() with port
number 0). Explicit port allocation behavior is unchanged.

The format used for both input and output is a comma separated
list of ranges (e.g. 「1,2-4,10-10″ for ports 1, 2, 3, 4 and
10). Writing to the file will clear all previously reserved
ports and update the current list with the one given in the
input.

Note that ip_local_port_range and ip_local_reserved_ports
settings are independent and both are considered by the kernel
when determining which ports are available for automatic port
assignments.

You can reserve ports which are not in the current
ip_local_port_range, e.g.:

$ cat /proc/sys/net/ipv4/ip_local_port_range
32000 61000
$ cat /proc/sys/net/ipv4/ip_local_reserved_ports
8080,9148

although this is redundant. However such a setting is useful
if later the port range is changed to a value that will
include the reserved ports.

Default: Empty

https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt

# vim /etc/sysctl.conf

net.ipv4.ip_local_reserved_ports = 1986, 11211-11220

# sysctl -p

注意：內核版本要大於2.6.18-164

轉載請註明來自運維生存時間: http://www.ttlsa.com/html/3409.html