https://bz.apache.org/bugzilla/show_bug.cgi?id=65776

Sunwoo <ksw...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEEDINFO                    |NEW

--- Comment #5 from Sunwoo <ksw...@gmail.com> ---
I'm sorry, I'm not good at English.
Please carefully read it. :)

-----
I found a situation where a normal connection was attempted with the same
client IP/Port in the following situations.

Under load, in the case of the kernel configuration as follows, if the
randomly found position is located in 32768-49999 with high probability, there
is a possibility that 50000 will be allocated continuously.

- ip_local_port_range = 32768 - 60000
- ip_local_reserved_ports = 30000-49999

# find client port - kernel simple pseudocode
```
  port = random(in ip_local_port_range)
  while port++ < max(ip_local_port_range)
    if (port in ip_local_reserved_ports) continue
    if (port is used ports) continue
    return port
  done
  return not found port
```


- kernel 3.10
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/net/ipv4/inet_connection_sock.c?h=linux-3.10.y#n104

```
smallest_rover = rover = net_random() % remaining + low;
```

- kernel 4.19
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/net/ipv4/inet_connection_sock.c?h=linux-4.19.y#n182
```
offset = prandom_u32() % remaining;
```


In this setting, the problem occurs because the range of
ip_local_reserved_ports is too wide, and although the appropriate port
according to rfc6056 was not allocated, it does not mean that this connection
itself is invalid.

I experienced this problem in the k8s readiness/liveness probe request, and
eventually the service became UNREADY and the service became unavailable.

The need to bypass bugs in Ubuntu is understandable, but the current code is
risky and has side effects.

Therefore, it appears that the change needs to be rolled back, offered an
option, or better hedged. 

https://github.com/apache/tomcat/commit/d03cfcf3b0d6639acb2884f1bbea5f2f29b95d91

I hope for a positive review.
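
The skew described in the comment above can be counted exactly. The following is an added example, not part of the original comment and not kernel or Tomcat code: it models the simplified search (random start, scan upward, skip reserved and in-use ports) with the two sysctl values quoted in the comment. The function names and the choice to test the start position itself are assumptions of this sketch.

```c
#include <stdio.h>

/* Settings quoted in the comment above. */
#define RANGE_LOW     32768   /* ip_local_port_range low  */
#define RANGE_HIGH    60000   /* ip_local_port_range high */
#define RESERVED_LOW  30000   /* ip_local_reserved_ports  */
#define RESERVED_HIGH 49999

static int is_reserved(int port)
{
    return port >= RESERVED_LOW && port <= RESERVED_HIGH;
}

/* Simplified model (an assumption, not kernel code): scan upward from
 * `start`, skipping reserved and in-use ports. Returns -1 if none is free. */
int pick_port(int start, const unsigned char *in_use)
{
    for (int port = start; port <= RANGE_HIGH; port++) {
        if (is_reserved(port) || (in_use && in_use[port]))
            continue;
        return port;
    }
    return -1;
}

int total_starts(void) { return RANGE_HIGH - RANGE_LOW + 1; }
/* Number of equally likely start positions that resolve to `target`. */
int starts_landing_on(int target, const unsigned char *in_use)
{
    int hits = 0;
    for (int start = RANGE_LOW; start <= RANGE_HIGH; start++)
        if (pick_port(start, in_use) == target)
            hits++;
    return hits;
}

int main(void)
{
    static unsigned char in_use[65536];   /* constructed: nothing in use */
    int total = total_starts();
    int hits = starts_landing_on(50000, in_use);
    printf("50000 free: %d of %d starts (%.1f%%) pick 50000\n",
           hits, total, 100.0 * hits / total);
    in_use[50000] = 1;                    /* constructed: 50000 now taken */
    hits = starts_landing_on(50001, in_use);
    printf("50000 busy: %d of %d starts (%.1f%%) pick 50001\n",
           hits, total, 100.0 * hits / total);
    return 0;
}
```

With these settings roughly 63% of start positions fall inside the reserved block, so whenever the first port above it is free, it is the one selected.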
