My Oracle Support Banner

TCP/IP Connections to and from Low Numbered Ports Occasionally Hang (Solaris, IPSEC) (Doc ID 1012141.1)

Last updated on JANUARY 03, 2018

Applies to:

Solaris Operating System - Version 10 3/05 and later
All Platforms

Symptoms

User applications which use RPC(remote procedure call) or specifically bind to available low number ports, suffer from intermittent connection failures.

Example applications in this category include NFS, Veritas Netbackup, rsh, rcp, "all the RSHELL commands"

Changes

 First, check all entries in /etc/inet/ipsecinit.conf for rules applying to services using privileged ports between 512 and 1023 (also any defined in ndd /dev/tcp tcp_extra_priv_ports).

 [ Also check whether ipsecesp and ipsecah are present in the kernel (use modinfo -l), if they are not then you have a different problem. ]

Verify that the services listed in ipsecinit.conf are indeed in use on the system by checking /etc/inetd.conf and netstat -an for listeners.  If there is a listener then the above mentioned (casual users of low port numbers) programs will not be allowed to bind to the port as it is already in use.  This means they will never have their connections unexpectedly intercepted by ipsec, i.e. you will not see this problem.

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.