You can assign or reserve ports by using several methods, and the
various methods interact in the following ways:
- EPHEMERALPORTS parameter on the TCPCONFIG and UDPCONFIG statements
- PORT and PORTRANGE statement
- Ports can be reserved for specific uses with the PORT and PORTRANGE
statements.
- Ports can be reserved for a protocol by the PORT or PORTRANGE
statement and are not available as ephemeral ports for that protocol.
If the ports are also within the defined EPHEMERALPORTS range for
that protocol, the stack cannot assign them as ephemeral ports.
- EXPLICITBINDPORTRANGE parameter on the GLOBALCONFIG statement
- The EXPLICITBINDPORTRANGE parameter designates a range of unique
ports across a sysplex. A participating stack can allocate a port
from this range when an application binds explicitly to port 0 and
either of the following addresses:
- IPv4 address INADDR_ANY
- IPv6 unspecified address (in6addr_any)
- The most recently processed profile or VARY TCPIP,,OBEYFILE command
that specifies the EXPLICITBINDPORTRANGE parameter defines the range
of ports for the sysplex.
- An explicitly bound port that is within the EXPLICITBINDPORTRANGE
pool is not available for assignment by the stack as an EXPLICITBINDPORTRANGE
port.
- The EXPLICITBINDPORTRANGE pool is not required to be within the
EPHEMERALPORTS range.
- The EXPLICITBINDPORTRANGE pool takes precedence over the EPHEMERALPORTS
range. Ports in the EXPLICITBINDPORTRANGE pool that are also within
the defined EPHEMERALPORTS range cannot be assigned by the stack as
ephemeral ports. Ports in the EXPLICITBINDPORTRANGE pool are available
only for EXPLICBINDPORTRANGE use.
- SYSPLEXPORTS parameter on the VIPADISTRIBUTE statement
- EPHEMERALPORTS processing controls SYSPLEXPORTS allocation.
- If a bind is made to a distributed DVIPA with SYSPLEXPORTS and
port 0 specified, the coupling facility assigns a block of sysplex
ports from the EPHEMERALPORTS range to the stack for use with the
DVIPA. The stack chooses a port from this block.
- If the bind specifies a specific port from the EPHEMERALPORTS
range, the coupling facility attempts to assign that port as a sysplex
port for that DVIPA.
- TCP/IP communicates the EPHEMERALPORTS range to the coupling facility
to ensure that sysplex port assignments are in the correct range.
- FTP PASSIVEDATAPORTS statement and the AUTHPORT parameter on the
PORTRANGE statement
- The PASSIVEDATAPORTS statement in the FTP server configuration
file assigns a range of port numbers for use by the FTP server. The
PASSIVEDATAPORTS range must also be reserved on a PORTRANGE statement
with the AUTHPORT parameter.
- Ports in this range are available for assignment only to the FTP
server.
- Ports in this range are not required to be within the EPHEMERALPORTS
range.
- Ports in this range that are also within the EPHEMERALPORTS range
are not available for use by the stack when assigning an ephemeral
port.
- INADDRANYPORT and INADDRANYCOUNT parameters on the NETWORK statement
in BPXPRMxx
- The range that is specified by the INADDRANYPORT and INADDRANYCOUNT
parameters must be restricted by the PORT or PORTRANGE statement to
the job name OMVS. These ports are not assigned by the stack unless
the user has the job name OMVS.
- Ports in this range are not required to be within the EPHEMERALPORTS
range.
- Ports in this range that are within the defined EPHEMERALPORTS
range are not available for use by the stack when assigning an ephemeral
port.
Because ports that are reserved by using some of these methods
cannot be used by the stack as ephemeral ports, the actual number
of available ephemeral ports might not equal the number of ports that
are specified in the EPHEMERALPORTS range. You can use the Netstat
STATS/-S command to display the actual number of ephemeral ports that
are available for assignment by the stack. The CONFIGURED
EPHEMERAL PORTS field of the Netstat STATS/-S report
accounts for ports that are in the EPHEMERALPORTS range that are unavailable
because they are reserved by some other method. This field reflects
the actual number of ports that are available for assignment by the
stack.
For example, consider the following portion of a TCP/IP profile:
GLOBALCONFIG EXPLICITBINDPORTRANGE 30200 100
;
TCPCONFIG EPHEMERALPORTS 30000 39999
;
UDPCONFIG EPHEMERALPORTS 30000 39999
;
PORT 30005 TCP TCPAPPL2
PORT 30015 TCP TCPAPPL3
;
PORTRANGE 30025 5 TCP TCPAPPL6
PORTRANGE 30100 50 TCP AUTHPORT ; FTP passive data ports
PORTRANGE 30500 300 TCP OMVS ; INADDRANYPORT/INADDRANYCOUNT ports
;
PORT 30010 UDP UDPAPPL2
PORT 30015 UDP UDPAPPL3
;
PORTRANGE 30030 5 UDP UDPAPPL6
PORTRANGE 30500 300 UDP OMVS ; INADDRANYPORT/INADDRANYCOUNT ports
This configuration results in the following values for the CONFIGURED
EPHEMERAL PORTS field of the Netstat STATS/-S report:
d tcpip,tcpcs1,netstat,stats
EZD0101I NETSTAT CS V2R1 TCPCS1
.
.
.
TCP STATISTICS
.
.
.
CONFIGURED EPHEMERAL PORTS = 9543
EPHEMERAL PORTS IN USE = 0
EPHEMERAL PORTS MAX USAGE = 0
EPHEMERAL PORTS EXHAUSTED = 0
UDP STATISTICS
.
.
.
CONFIGURED EPHEMERAL PORTS = 9693
EPHEMERAL PORTS IN USE = 0
EPHEMERAL PORTS MAX USAGE = 0
EPHEMERAL PORTS EXHAUSTED = 0
END OF THE REPORT
For TCP, the total number of configured ephemeral ports is 10000
(ports 30000 – 39999), and this number is reduced by the following
amounts:
- 100 because of the GLOBALCONFIG EXPLICITBINDPORTRANGE setting
(ports 30200 – 30299)
- 2 because of the two PORT statements with ports that are within
the TCP ephemeral port range (ports 30005 and 30015)
- 355 because of the three PORTRANGE statements with ports that
are within the TCP ephemeral port range (ports 30025 – 30029,
30100 – 30149, and 30500 – 30799)
Subtracting these ports results in the CONFIGURED
EPHEMERAL PORTS value of 9543. The CONFIGURED
EPHEMERAL PORTS value is not affected by any PORT and
PORTRANGE statements that include ports outside of the EPHEMERALPORTS
range.
For UDP, the total number of configured ephemeral ports is 10000
(ports 30000 – 39999), and this number is reduced by the following
amounts:
- 2 because of the two PORT statements with ports that are within
the UDP ephemeral port range (ports 30010 and 30015)
- 305 because of the two PORTRANGE statements with ports that are
within the UDP ephemeral port range (ports 30030 – 30034 and
30500 – 30799)
Subtracting these ports results in the CONFIGURED
EPHEMERAL PORTS value of 9693. The CONFIGURED
EPHEMERAL PORTS value is not affected by any PORT and
PORTRANGE statements that include ports outside of the EPHEMERALPORTS
range.