Port number is changing dynamically for each Authentication request in RHEL
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
OS name: Description: Red Hat Enterprise Linux Server release 5.5 (Tikanga)
I have installed an application in RHEL machine written in java language used to send authentication request using Radius protocol. The authentication request will hit in a AAA server (AAA stands for Authentication, Authorization and Accounting) where the authentication request being accepted are rejected based on the user credentials (ie., user id and password) available in the AAA server.
Whenever i started sending an authentication request from the RHEL machine to the AAA server, The request is being sent from a different port number. I mean, the port number is changing dynamically for each auth request. But this is not the expected behavior. The request from the RHEL machine should send from a single port number. ie., for all the auth request being send from the RHEL machine should use the SAME port number at all.
Earlier, We installed this application in an older RHEL machine. The machine details are below.
Machine name: Linux 2.4.21-4.EL #1 Fri Oct 3 18:13:58 EDT 2003 i686 i686 i386 GNU/Linux
OS version: RHEL ES release 3.0
Kernal version: Kernel Version: 2.4.21-4.EL
In the above configured machine, The authentication request sent from the same port number. I mean, the request is departing from the same port number at all.
But when I send request from latest RHEL machine, the port number is changing dynamically for each request.
Do you have any workaround to fix this issue? or anything to do to fix the outbound port number.
Last edited by ghvijayakumar; 01-11-2012 at 05:47 AM.
to me, your focus is wrong. The OS (RHEL here) doesn't dictate what port a request is sent out on. The application handles that. Your focus should be on the Java app and how it decides what port things are being sent out on. Perhaps a configuration file/setting you missed between the old and the new server.
In the application, If the authentication request is accepted successfully by the AAA server, If i again start sending the auth request, the application should drop the request without sending it to the AAA server by marking as duplicate request. The duplicate request is identified by the application using the request's source IP+source port. If the port is changing for every request, the application is not marking as duplicate request thus it hits AAA server everytime making AAA overloaded by so many requests.
If the source port is fixed, First time the application will send request to AAA server and gets authenticated. Second request will be dropped by the application itself by checking the source port is same as earlier request.
This is the reason for asking the source port should be unchanged.
The application has the configuration to set the destination port but we don't have any configuration settings to choose the source port. The application allows OS to choose the source port for sending auth request as the OS choosing different port for each request.
Moreover, the machine
Machine name: Linux 2.4.21-4.EL #1 Fri Oct 3 18:13:58 EDT 2003 i686 i686 i386 GNU/Linux
OS version: RHEL ES release 3.0
Kernal version: Kernel Version: 2.4.21-4.EL
chooses the same source port for all auth request. Why this is not the case in the new RHEL machine??
if your sending server is sending traffic on an established session, it will send it from the same source port (because the session is established and both parties have agreed on ports).
If your sending server is starting a new session and
Quote:
The application allows OS to choose the source port
then the source port is randomly chosen based on what is not being used.
If your application works the way you say it does, and it is dependent on your source being fixed, then it is required to have a way to specify it. OR i guess you are dropping your session and/or establishing a new session when you should be using the existing session. Either way, there is no way that I know of to configure Linux to manage ports for some random application that it is not aware of.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.