On a highly loaded server with a very large number of connections, such as a proxy or router, the free ports in the allocated range can run out, so check how many are currently in use and, if necessary, increase the net.ipv4.ip_local_port_range value.
Let’s see which port range is allowed; the default value is “32768 60999” (usually this is enough):
cat /proc/sys/net/ipv4/ip_local_port_range
sysctl net.ipv4.ip_local_port_range
Let’s see how much is used at the moment:
I will give an example of what was displayed on one of my servers:
Total: 11444 (kernel 36151)
TCP:   44 (estab 3, closed 30, orphaned 0, synrecv 0, timewait 30/0), ports 0

Transport Total     IP        IPv6
*         36151     -         -
RAW       193       0         193
UDP       10708     10696     12
TCP       14        12        2
INET      10915     10708     207
FRAG      34        34        0
More examples of viewing statistics:
apt install net-tools
netstat -s | more
netstat -su #udp
netstat -st #tcp
netstat -sw #raw
netstat -nap
netstat -naptu | more
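An added example (not part of the original article) that measures how much of the range is actually occupied: it counts the distinct local ports inside a given range from `ss -Htan`-style lines. The function names and the sample connection lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: how much of an ephemeral port range is occupied.

# port_range_usage LOW HIGH
# Reads `ss -Htan`-style lines on stdin
# (State Recv-Q Send-Q Local:Port Peer:Port) and prints
# "<distinct ports in use> <ports in range> <percent used>".
port_range_usage() {
    awk -v low="$1" -v high="$2" '
        {
            # Field 4 is the local address; the port follows the last
            # colon, which also holds for [IPv6]:port.
            n = split($4, parts, ":")
            port = parts[n] + 0
            if (port >= low && port <= high && !(port in seen)) {
                seen[port] = 1
                used++
            }
        }
        END {
            total = high - low + 1
            printf "%d %d %d\n", used, total, (used * 100) / total
        }'
}

# port_range_alert LOW HIGH THRESHOLD
# Succeeds while usage is below THRESHOLD percent, fails otherwise.
port_range_alert() {
    pct=$(port_range_usage "$1" "$2" | awk '{ print $3 }')
    [ "$pct" -lt "$3" ]
}

# Constructed sample input (documentation addresses, not real traffic).
sample_ss_output() {
    cat <<'EOF'
ESTAB     0 0   192.0.2.10:40112    198.51.100.7:443
ESTAB     0 0   192.0.2.10:40113    198.51.100.7:443
TIME-WAIT 0 0   192.0.2.10:40113    198.51.100.8:443
ESTAB     0 0   192.0.2.10:22       203.0.113.5:51514
LISTEN    0 128 0.0.0.0:22          0.0.0.0:*
ESTAB     0 0   [2001:db8::1]:51000 [2001:db8::2]:443
EOF
}

# Offline demo on the sample, using the default range from the article.
sample_ss_output | port_range_usage 32768 60999

# On a live Linux host:
#   read low high < /proc/sys/net/ipv4/ip_local_port_range
#   ss -Htan | port_range_usage "$low" "$high"
```

Run `port_range_alert` from cron or a monitoring check to get warned before the range fills up, rather than after connections start failing.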
I will give examples of increasing the range:
echo "16384 65535" > /proc/sys/net/ipv4/ip_local_port_range
sysctl -w net.ipv4.ip_local_port_range="1024 65535"
To prevent the change from being reset after restarting the operating system, open the /etc/sysctl.conf file in a text editor:
And add the line:
net.ipv4.ip_local_port_range = 1024 65535
You can also apply the new content in the /etc/sysctl.conf file with the command below: