Bug 689425

Summary: [RFE] Use reserved port only when required
Product: Red Hat Enterprise Linux 5 Reporter: J.H.M. Dassen (Ray) <rdassen>
Component: glibcAssignee: Andreas Schwab <schwab>
Status: CLOSED WONTFIX QA Contact: qe-baseos-tools-bugs
Severity: medium Docs Contact:
Priority: medium    
Version: 5.6CC: bgollahe, fweimer, mfranc, rbinkhor
Target Milestone: rcKeywords: FutureFeature, Triaged
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: 689424 Environment:
Last Closed: 2011-08-16 17:36:05 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 689424    
Bug Blocks: 554476    

Description J.H.M. Dassen (Ray) 2011-03-21 13:44:16 UTC 
+++ This bug was initially created as a clone of Bug #689424 +++

2. What is the nature and description of the request?

- use non-reserved source ports for non-secure NIS map lookups.
- use reserved ports fort secure maps

   3. Why does the customer need this?:

When customer rcp a lots of small files via rcp from their supercomputer to
RHEL, it fails sometimes and found that it happened when reserved ports get
exhausted by NIS clients. So they are proposing this solution so that not use
reserved potrs for all NIS lookup (indeed by root user) but use reserved ports
only for secure NIS map lookups and use non-reserved ports for other lookups.

   4. How would the customer like to achieve this? :

They are looking something like as HP implemented
http://bizsupport1.austin.hp.com/bc/docs/support/SupportManual/c02037757/c02037757.pdf

"Reduced Usage of Reserved Ports
Reserved ports are the ports from 0 to 1024. Only root users can bind to these
ports. In previous releases, NIS commands attempted to bind to reserved ports
by default. If there are numerous client requests, all the reserved ports can
be consumed. This version of NIS enables binding to reserved ports for select
commands or daemons when accessing secure maps which results in reduced usage
of reserved ports by NIS. This change does not compromise performance or
security. "

   5. For each functional requirement listed in question 4, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented.

Run tcpdump and verify source ports for NIS lookup.

   6. Is there already an existing RFE upstream or in Red Hat bugzilla?

No

   7. How quickly does this need resolved?

RHEL 5 minor release

   8. Does this request meet the RHEL Inclusion criteria?

Yes

   9. List the affected packages:

ypbind

  10. Would the customer be able to assist in testing this functionality if
implemented?:

Yes
Comment 3 Brian Gollaher 2011-08-16 17:36:05 UTC 
This BZ will not be addressed in RHEL5.