Port selection interactions

You can assign or reserve ports by using several methods, and the various methods interact in the following ways:

• EPHEMERALPORTS parameter on the TCPCONFIG and UDPCONFIG statements
  • For TCP sockets, ephemeral ports are port numbers that TCP/IP temporarily assigns to a socket in the following situations:
    • An application explicitly binds to port 0.
    • An implicit bind() call is processed as an application issues a connect() call, and the port number is not known.

    Ephemeral ports can also be used by servers in some cases, such as the FTP server in passive mode.

  • For UDP sockets, ephemeral ports are port numbers that TCP/IP temporarily assigns to a socket in the following situations:
    • An application explicitly binds to port 0.
    • An implicit bind() call is processed as the application sends data, and the port number is not known.
  • You can use the EPHEMERALPORTS parameter to control the range of ephemeral port numbers that the stack assigns.
  • Separate definitions for the TCPCONFIG and UDPCONFIG statements enable different ranges per protocol.
  • The default ephemeral port numbers for each protocol are port numbers in the range 1024 – 65535.
  • Generally, other methods of assigning ports take precedence over assigning ephemeral ports from the EPHEMERALPORTS range. The ports available for ephemeral port assignment are those ports in the EPHEMERALPORTS range that are left after other methods of assigning ports are applied.
• PORT and PORTRANGE statement
  • Ports can be reserved for specific uses with the PORT and PORTRANGE statements.
  • Ports can be reserved for a protocol by the PORT or PORTRANGE statement and are not available as ephemeral ports for that protocol. If the ports are also within the defined EPHEMERALPORTS range for that protocol, the stack cannot assign them as ephemeral ports.
• EXPLICITBINDPORTRANGE parameter on the GLOBALCONFIG statement
  • The EXPLICITBINDPORTRANGE parameter designates a range of unique ports across a sysplex. A participating stack can allocate a port from this range when an application binds explicitly to port 0 and either of the following addresses:
    • IPv4 address INADDR_ANY
    • IPv6 unspecified address (in6addr_any)
  • The most recently processed profile or VARY TCPIP,,OBEYFILE command that specifies the EXPLICITBINDPORTRANGE parameter defines the range of ports for the sysplex.
  • An explicitly bound port that is within the EXPLICITBINDPORTRANGE pool is not available for assignment by the stack as an EXPLICITBINDPORTRANGE port.
  • The EXPLICITBINDPORTRANGE pool is not required to be within the EPHEMERALPORTS range.
  • The EXPLICITBINDPORTRANGE pool takes precedence over the EPHEMERALPORTS range. Ports in the EXPLICITBINDPORTRANGE pool that are also within the defined EPHEMERALPORTS range cannot be assigned by the stack as ephemeral ports. Ports in the EXPLICITBINDPORTRANGE pool are available only for EXPLICBINDPORTRANGE use.
• SYSPLEXPORTS parameter on the VIPADISTRIBUTE statement
  • EPHEMERALPORTS processing controls SYSPLEXPORTS allocation.
    • If a bind is made to a distributed DVIPA with SYSPLEXPORTS and port 0 specified, the coupling facility assigns a block of sysplex ports from the EPHEMERALPORTS range to the stack for use with the DVIPA. The stack chooses a port from this block.
    • If the bind specifies a specific port from the EPHEMERALPORTS range, the coupling facility attempts to assign that port as a sysplex port for that DVIPA.
  • TCP/IP communicates the EPHEMERALPORTS range to the coupling facility to ensure that sysplex port assignments are in the correct range.
• FTP PASSIVEDATAPORTS statement and the AUTHPORT parameter on the PORTRANGE statement
  • The PASSIVEDATAPORTS statement in the FTP server configuration file assigns a range of port numbers for use by the FTP server. The PASSIVEDATAPORTS range must also be reserved on a PORTRANGE statement with the AUTHPORT parameter.
  • Ports in this range are available for assignment only to the FTP server.
  • Ports in this range are not required to be within the EPHEMERALPORTS range.
  • Ports in this range that are also within the EPHEMERALPORTS range are not available for use by the stack when assigning an ephemeral port.
• INADDRANYPORT and INADDRANYCOUNT parameters on the NETWORK statement in BPXPRMxx
  • The range that is specified by the INADDRANYPORT and INADDRANYCOUNT parameters must be restricted by the PORT or PORTRANGE statement to the job name OMVS. These ports are not assigned by the stack unless the user has the job name OMVS.
  • Ports in this range are not required to be within the EPHEMERALPORTS range.
  • Ports in this range that are within the defined EPHEMERALPORTS range are not available for use by the stack when assigning an ephemeral port.

Because ports that are reserved by using some of these methods cannot be used by the stack as ephemeral ports, the actual number of available ephemeral ports might not equal the number of ports that are specified in the EPHEMERALPORTS range. You can use the Netstat STATS/-S command to display the actual number of ephemeral ports that are available for assignment by the stack. The CONFIGURED EPHEMERAL PORTS field of the Netstat STATS/-S report accounts for ports that are in the EPHEMERALPORTS range that are unavailable because they are reserved by some other method. This field reflects the actual number of ports that are available for assignment by the stack.

For example, consider the following portion of a TCP/IP profile:

GLOBALCONFIG EXPLICITBINDPORTRANGE 30200 100
;
TCPCONFIG EPHEMERALPORTS 30000 39999
;
UDPCONFIG EPHEMERALPORTS 30000 39999
;
PORT      30005       TCP TCPAPPL2
PORT      30015       TCP TCPAPPL3
;
PORTRANGE 30025 5     TCP TCPAPPL6
PORTRANGE 30100 50    TCP AUTHPORT   ; FTP passive data ports
PORTRANGE 30500 300   TCP OMVS       ; INADDRANYPORT/INADDRANYCOUNT ports
;
PORT      30010       UDP UDPAPPL2
PORT      30015       UDP UDPAPPL3
;
PORTRANGE 30030 5     UDP UDPAPPL6
PORTRANGE 30500 300   UDP OMVS       ; INADDRANYPORT/INADDRANYCOUNT ports

This configuration results in the following values for the CONFIGURED EPHEMERAL PORTS field of the Netstat STATS/-S report:

d tcpip,tcpcs1,netstat,stats
EZD0101I NETSTAT CS V2R1 TCPCS1
.
.
.
TCP STATISTICS
.
.
.
  CONFIGURED EPHEMERAL PORTS          = 9543
  EPHEMERAL PORTS IN USE              = 0
  EPHEMERAL PORTS MAX USAGE           = 0
  EPHEMERAL PORTS EXHAUSTED           = 0
UDP STATISTICS
.
.
.
  CONFIGURED EPHEMERAL PORTS          = 9693
  EPHEMERAL PORTS IN USE              = 0
  EPHEMERAL PORTS MAX USAGE           = 0
  EPHEMERAL PORTS EXHAUSTED           = 0
END OF THE REPORT

For TCP, the total number of configured ephemeral ports is 10000 (ports 30000 – 39999), and this number is reduced by the following amounts:

• 100 because of the GLOBALCONFIG EXPLICITBINDPORTRANGE setting (ports 30200 – 30299)
• 2 because of the two PORT statements with ports that are within the TCP ephemeral port range (ports 30005 and 30015)
• 355 because of the three PORTRANGE statements with ports that are within the TCP ephemeral port range (ports 30025 – 30029, 30100 – 30149, and 30500 – 30799)

Subtracting these ports results in the CONFIGURED EPHEMERAL PORTS value of 9543. The CONFIGURED EPHEMERAL PORTS value is not affected by any PORT and PORTRANGE statements that include ports outside of the EPHEMERALPORTS range.

For UDP, the total number of configured ephemeral ports is 10000 (ports 30000 – 39999), and this number is reduced by the following amounts:

• 2 because of the two PORT statements with ports that are within the UDP ephemeral port range (ports 30010 and 30015)
• 305 because of the two PORTRANGE statements with ports that are within the UDP ephemeral port range (ports 30030 – 30034 and 30500 – 30799)

Subtracting these ports results in the CONFIGURED EPHEMERAL PORTS value of 9693. The CONFIGURED EPHEMERAL PORTS value is not affected by any PORT and PORTRANGE statements that include ports outside of the EPHEMERALPORTS range.