Azureus doesn't allow ports above 49151

Just noticed, if I go to Tools>NAT/Firewall Test, it says "TCP ports above 49152 are reserved internally, so they cannot be used." But since 49152 worked fine yesterday, I'm not sure what it's complaining about.

This is a consequence of the patch that fixes bug 222630. What was port 6880 is now a dynamic port chosen in that range, see README.multiuser in the installed docs for further informations.

The range shouldn't be used for your main (and static) listen ports, as per IANA specification (http://www.iana.org/assignments/port-numbers): "The Dynamic and/or Private Ports are those from 49152 through 65535". If you use one of those ports, it might happen that one day you find it not free because the OS decided to assign it to another service. Linux actually has a bigger range (from 32768), but let's follow standards.

I'll leave this bug open for awhile to see if someone has other objections, but it's, in fact, a feature.

> The range shouldn't be used for your main (and static) listen ports

I agree with that but wouldn't it be a better option to let user choose a range of ports in the Dyn/Priv ports ?
Or for beginners something like :
 - start Vuze
 - test configured port availability
    - available -> continue start
    - not available -> test port+1
loop test for i.e. 10, 20, 50 ports... or the designed range in the options

> "The Dynamic and/or Private Ports are those from 49152 through 65535".
IANA specs also say :
"The Registered Ports are those from 1024 through 49151
Registered ports SHOULD NOT be used without IANA registration"

So the use of ports 49152-65535 for Private use (and Dynamic, but private :).

IMHO Azureus/Vuze should allow _only_ ports in the private range. But I know for proxies and people downloading torrents at office/work/school/wherever-you-are-doing-something-else-than-what-you-should , 1025 to 65535 should be left open.

Just to clarify:

What happens if the user had a port >49151 and upgrades to this version of Azureus? Does it fail miserably or pick some valid port and move on?

I spoke with the patch author -- after testing, it's verified that when you upgrade Azureus with a reserved port, it automatically picks another one.

With that said, I think that the behavior described in this bug report is not a bug and doesn't need modification.

> What happens if the user had a port >49151 and upgrades to this version of Azureus? Does it fail miserably or pick some valid port and move on?
It fails, but not miserably :)
It shows a warning message and select another port (randomly ?)

> I spoke with the patch author -- after testing, it's verified that when you upgrade Azureus with a reserved port, it automatically picks another one.
It does very well.

But AFAIK 49152-65535 are not reserved ! It's even the inverse, in a way.
Abstract from RFC4340 - section 19.9:
"Port numbers are divided into three ranges. The Well Known Ports are
   those from 0 through 1023, the Registered Ports are those from 1024
   through 49151, and the Dynamic and/or Private Ports are those from
   49152 through 65535. Well Known and Registered Ports are intended
   for use by server applications that desire a default contact point on
   a system. On most systems, Well Known Ports can only be used by
   system (or root) processes or by programs executed by privileged
   users, while Registered Ports can be used by ordinary user processes
   or programs executed by ordinary users. Dynamic and/or Private Ports
   are intended for temporary use, including client-side ports, out-of-
   band negotiated ports, and application testing prior to registration
   of a dedicated port; they MUST NOT be registered."

It is well said : port 49152-65535 ARE FREE OF USE by the users, and even if the system choose the configured port for anything else, the logic you spoke about with the author should select another one.

> I think that the behavior described in this bug report is not a bug and doesn't need modification.
No, not a bug, but so annoying when using privates ports...

Even, still from the same section in the RFC:
"Well Known and Registered Ports SHOULD NOT be used without registration."

In some way BitTorrents are even illegals due to the port they use (6881 isn't registered) :)
And it may sound stupid, but it pretty annoys me to use a port that may be reserved for something else, and one day I plug something or install a soft in my comp and the port isn't free anymore...
And worse for me, I have ALL my net soft configured to use ports according to the router table (I chose ports 51xxx for box1, ports 52xxx for box2, and so on...)

But anyway, I won't change my router for a software, neither will I reconf all my net softwares... so I'm off with Azureus... weird, it was good :)

Well the only thing I see fit to do is to lower the number of ports reserved because the chances of having ~1000 users running Azureus is pretty unlikely.

Right now, the choice is either between this or having an arbitrary local user privilege escalation vulnerability, and frankly if the latter were to be the case I would petition to remove Azureus from the archives.

Hello,
I just tried to set my port and it did not work and there was no help (that helped or explained) why it did not work, it was really strange. There should be better error messages that explain the strange behaviour.

And on Azureus Wiki ( http://wiki.vuze.com/index.php/Port_is_blacklisted ) there is explicit said: "Choose a port from the 49152–65534 range."

Anyway: I think I now have understood the situation. The port range above 49152 is reserved for dynamic things and if you tell azureus to use it, it is not static any more.

Hi,
I just wanted to say that, as goto mentions, as of 7 February 2009 many parts of the Azureus wiki seem to be really outdated. New users trying to configure their azureus/vuze should be careful when taking information from there.

In summary, even if the Azureus wiki tells you to "Choose a port from the 49152–65534 range", you should in fact choose a port not included in that range.

I make this post only for clarification, since this bug report appears as one of the first results in your favourite search engine when searching for this problem.

Hi,
I would consider this as a bug because it reduces my ability to use one of my favorite trackers that will only except ports between 49152 - 65535. I have been using Azureus for years on windows and never had a problem. This bug makes Azureus, fairly useless to me on Ubuntu. Is there any hope of getting rid of this restriction. I have never had any conflicts before with my chosen port under Windows.
Many Thanks. Al-Man

I think this should be reconsidered by the Vuze development team. I know Ubuntu's bug tracker is not the best place to try and get their attention, but it's worth a shot.

You can read my (slightly ranty and undeservingly infuriated) post here: http://ubuntu-ky.ubuntuforums.org/showthread.php?p=8653035#post8653035

Basically, using the Registered or Well Known ports is not a good idea. For me it isn't even an option.

Eventually, if ISPs pick up too much traffic on the wrong port, they'll just shut the port down--no matter what purpose it should be open for--and if they have to do it enough times, they'll shut it down permanently and then they'll disable it by default. This is bad news for legitimate services that should be running on the Well known and Registered ports. It also means you could potentially DOS your own computer by specifying the same port in Vuze that is used by another service.

Furthermore, certain types of internet connections don't allow the use of Registered ports, like mine: tethering through a cell phone. I imagine the reason for this is that the cellphone itself would never make use of the Registered ports, so they've been closed. In my case, one of the dynamic ports is open, but it is over 49152 so I can't set it in Vuze.

To use a higher port, just download Vuze directly from sourceforge.

Actual versions seem to have solved this problem: 4.3.0.6-1