[Standards] s2s and gracelessly broken streams

Dave Cridland dave at cridland.net
Tue Apr 3 11:22:03 CDT 2007


On Mon Apr  2 23:29:47 2007, Chris Mullins wrote:
> If your email relay connects to 5000 IP Addresses per day, you're going
> to hit 65000 IP Addresses in 13 days. If each of these connections
> remained open, you would run out of ports in your SMTP server and
> promptly crash.
> 
A TCP connection is identified by the 4-tuple 
(src_ip,src_port,dst_ip,dst_port). So you'd use up all the ports if 
you connected 65,536 times to the *same* SMTP server, but for obvious 
reasons you don't do that. It's quite practical to have every 
outgoing connection use the same source port number on the same 
source IP address - some protocols, like FTP, even mandate this.

The number of TCP connections is usually limited by the operating 
system, rather than the protocol.


> To get around this, you would be stuck configuring multiple IP Addresses
> for your SMTP server to use. For a 3 month uptime you would need 7 IP
> addresses, which isn't exactly ideal.
> 
... and adding multiple IP addresses realistically doesn't help, 
unless you're really running out of ports (which you're not unless 
you broke something).

> In addition to running out of ports per IP address, there's another
> problem: Memory. A 32 bit machine these days can handle about 30k open,
> active, tcp connections before falling over. A 64-bit machine can handle
> many more, but typically the practical limit is going to max in the 100k
> range.
> 
I'm curious as to where you get these figures from. Aside from 
anything else, your 100k figure appears to contradict your 65k figure 
above.

As far as I can tell, a typical 32-bit Linux box is limited to a 
little over 100k connections by default.

Assuming around a 60k limit because of memory limitations on 32-bit 
architectures implies that each TCP connection uses something 
approaching 30kBytes, which seems, somehow, rather high to me. (Of 
course, there are buffer sizes to consider, but one assumes that a 
well-behaved application and typical network speeds would limit that 
impact.)

FWIW, the maximal number of TCP connections made from a single IP 
address (assuming IPv4) is going to be 2**(32+16+16) - the 2**32 
limit of the number of possible IP addresses is therefore much more 
of a pressing issue.

Dave.
-- 
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at jabber.org
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
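
The 4-tuple point in the message above, as an added example that is not part of the original post: two outbound sockets share one source IP and port as long as their destinations differ, and only a repeat of an existing 4-tuple is refused. The helper names are hypothetical, and the SO_REUSEADDR bind behaviour assumed here is that of Linux on loopback.

```python
import socket

LOOPBACK = "127.0.0.1"  # assumption: the whole demo stays on loopback

def listener():
    """TCP listener on an OS-chosen port; stands in for one remote server."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((LOOPBACK, 0))
    srv.listen(4)
    return srv

def client_from(src_port, dst):
    """Connect to dst from a fixed source port (0 lets the OS pick one)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    # SO_REUSEADDR allows several non-listening sockets on one local port.
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    try:
        s.bind((LOOPBACK, src_port))
        s.connect(dst)
    except OSError:
        s.close()
        raise
    return s

def demo():
    """Hypothetical helper: share one source port across two destinations."""
    srv_a, srv_b = listener(), listener()
    dst_a, dst_b = srv_a.getsockname(), srv_b.getsockname()
    c1 = client_from(0, dst_a)
    src_port = c1.getsockname()[1]
    c2 = client_from(src_port, dst_b)      # same source, new destination: OK
    opened = [c1, c2, srv_a, srv_b]
    try:
        # Same source AND same destination: the 4-tuple already exists.
        opened.append(client_from(src_port, dst_a))
        duplicate_refused = False
    except OSError:
        duplicate_refused = True
    result = {
        "tuples": [s.getsockname() + s.getpeername() for s in (c1, c2)],
        "shared_source": c1.getsockname() == c2.getsockname(),
        "duplicate_refused": duplicate_refused,
    }
    for s in opened:
        s.close()
    return result

if __name__ == "__main__":
    print(demo())
```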