yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1253482] Re: Keystone's IANA-assigned default port in linux local ephemeral port range

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Wed, 11 Jun 2014 14:59:28 -0000
Reply-to: Bug 1253482 <1253482@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: keystone
       Status: Fix Committed => Fix Released

** Changed in: keystone
    Milestone: None => juno-1

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1253482

Title:
  Keystone's IANA-assigned default port in linux local ephemeral port
  range

Status in devstack - openstack dev environments:
  In Progress
Status in OpenStack Identity (Keystone):
  Fix Released

Bug description:
  The linux ip port local range is 32768 to 61000 as reported by sysctl:

  $ sysctl -a | grep ip_local_port_range
  net.ipv4.ip_local_port_range = 32768	61000

  Keystone's default port as assigned by IANA is 35357. It is therefore
  possible that keystone will fail to start because some application has
  a socket open on port 35357. We believe this is the case logged at
  http://logs.openstack.org/09/57509/2/gate/gate-tempest-devstack-vm-
  large-ops/1171354/logs/screen-key.txt.gz?level=TRACE.

  To fix this devstack should shift the ephemeral port range to 49152 to
  61000 to avoid IANA port allocations and to avoid linux private port
  ranges.

  Additionally keystone should document this fact so that deployers are
  aware of this and know to work around the funny linux default range.

To manage notifications about this bug go to:
https://bugs.launchpad.net/devstack/+bug/1253482/+subscriptions