From d1da6174acd7949733b14b3e15fb84c3053b1ee6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= Date: Mon, 23 Sep 2024 23:53:46 -0300 Subject: [PATCH] ares_socket: set IP_BIND_ADDRESS_NO_PORT on ares_set_local_ip* tcp sockets If you bind to a local address, you now only have approx 32k possible source ports to initiate connections. In modern days that can quickly run out. setting IP_BIND_ADDRESS_NO_PORT let's the kernel choose a port at connect time, increasing the limit of combinations to around a million. --- src/lib/ares_socket.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/lib/ares_socket.c b/src/lib/ares_socket.c index 776dff6913..55de6a39f0 100644 --- a/src/lib/ares_socket.c +++ b/src/lib/ares_socket.c @@ -574,7 +574,12 @@ ares_status_t ares_socket_configure(ares_channel_t *channel, int family, sizeof(channel->local_ip6)); bindlen = sizeof(local.sa6); } - +#ifdef IP_BIND_ADDRESS_NO_PORT + if (is_tcp && bindlen) { + int opt = 1; + (void) setsockopt(fd, SOL_IP, IP_BIND_ADDRESS_NO_PORT, &opt, sizeof(opt)); + } +#endif if (bindlen && bind(fd, &local.sa, bindlen) < 0) { return ARES_ECONNREFUSED; }