[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: FW: Application for port-number (system-klensin)

Normally, we push people back after they submit an application
for a system port number and tell them they need to put 
System port number XXX - TBA by IANA in their document.  Once
it goes through the process, we assign the system port number.

I mentioned this to John Klensin and there was an urge to have
the port earlier.  The only way I know of doing this is getting
IESG approval.

We use "expert" review for user port numbers.  Our experts are
our internal staff, and sometimes we use Fred Baker in cases we
need help on.

There has always been some confusion within the system vs. user
port number allocation procedures.  That is why I think a new
document would be helpful.  We have had some folks volunteer to 
help us when we can have the time to get to it.

Michelle


-----Original Message-----
From: iesg-admin@ietf.org [mailto:iesg-admin@ietf.org]On Behalf Of
Thomas Narten
Sent: Thursday, October 30, 2003 12:46 PM
To: IANA
Cc: IESG
Subject: Re: FW: Application for port-number (system-klensin) 


More than we probably wanted to know...

> We have received the following System port number
> application.

> Can this be approved by the IESG before the document
> gets approved for publication as an RFC?

I'm a bit surprised by this question. Is it the case that you don't
see many requests for a "system port number", so the reason for asking
is that you want to be sure you are handling this case correctly?

I think RFC 2780 defines the current IANA procedures:

> 9.1 TCP Source and Destination Port fields
> 
>    Both the Source and Destination Port fields use the same namespace.
>    Values in this namespace are assigned following a Specification
>    Required, Expert Review, IESG Approval, IETF Consensus, or Standards
>    Action process.  Note that some assignments may involve non-
>    disclosure information.

Is the question then, whether the IESG is willing to do an "IESG
Approval" in this case, since the other ones may not apply?

Note: my understanding of "IESG Approval" is that it is intended for
handling more exceptional cases, when the other (normal) ways of
getting an allocation are for some reason not appropriate.  But I
would also put the burdon on the requestor to engage the IESG  on when
such an approval is needed, as in most cases it wouldn't be.

Also, is there in fact an Expert Reviewer for port numbers? Has there
ever been one? Or do you just do FCFS for teh non-system ports?

(BTW, I agree that the guidelines here could be a lot clearer...)

And here is perhaps another interesting point. Just how
many values are left to allocate? Jumping to the end, I see:

#               1001-1009      Unassigned

Yikes, seemingly not many. But it turns out that there are quite a few
"unnassigned" values in random gaps. Doing some quick addition, there
seem to be something on the order of 200 free port numbers (out of the
1-1024 range). So we still have a few...

Finally, there is the question of what "system ports" are and what
value they have.

>  
> The System (Well-Known) Ports are those from 0 through 1023.
> 
> Online Application for a System (Well-Known) Port Number
> 
> The User (Registered) Ports are those from 1024 through 49151.

In the old days, the distinction provided some sort of perceived
security benefit. That argument probably doesn't carry much weight
anymore in practice. So maybe this notion of splitting up the ranges
has long lost most of its utility.

So, I don't know that we need to push back a whole lot on this
particular request. But I do wonder why a system port as opposed to
one of the other ones was requested. But mostly for curiosity reasons.

Also, I think if "IESG Approval" is being sought, it's probably better
for the requestor to engage the IESG directly. But I'm not sure that
is even what is intended at this point.

Thomas