On Mon, Dec 10, 2018 at 05:18:46PM +0100, Florian Westphal wrote:
> In case almost or all available ports are taken, clash resolution can
> take a very long time, resulting in soft lockup.
>
> This can happen when many to-be-natted hosts connect to same
> destination:port (e.g. a proxy) and all connections pass the same SNAT.
>
> Pick a random offset in the acceptable range, then try ever smaller
> number of adjacent port numbers, until either the limit is reached or a
> useable port was found. This results in at most 248 attempts
> (128 + 64 + 32 + 16 + 8, i.e. 4 restarts with new search offset)
> instead of 64000+,

Applied, thanks Florian.
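
The bounded search described in the quoted commit message, as an added userspace example that is not the kernel's code and not part of this thread. The `used[]` bitmap, the toy LCG, the sample port range and the rule that a pass covering the whole range ends the search are assumptions; only the 128/64/32/16/8 batch sizes come from the message.

```c
#include <stdint.h>
#include <string.h>

#define PORT_MIN 1024u          /* constructed sample range */
#define PORT_MAX 65535u
#define FIRST_BATCH 128u        /* from the 128 + 64 + 32 + 16 + 8 sum */
#define LAST_BATCH 8u

static uint8_t used[65536];     /* stand-in for the NAT tuple clash check */
static unsigned probes;         /* clash checks done by the last search */

static uint32_t rnd_state = 12345u;
static uint32_t rnd(void)       /* toy LCG, not the kernel's PRNG */
{
    rnd_state = rnd_state * 1664525u + 1013904223u;
    return rnd_state >> 8;
}

/* Returns a free port in [min, max], or -1 once the bounded search gives up. */
static int pick_port(unsigned min, unsigned max)
{
    unsigned range = max - min + 1;
    unsigned batch = FIRST_BATCH < range ? FIRST_BATCH : range;

    probes = 0;
    for (;;) {
        uint32_t off = rnd() % range;           /* fresh random offset */
        for (unsigned i = 0; i < batch; i++, off++) {
            unsigned port = min + off % range;  /* adjacent ports, wrapping */
            probes++;
            if (!used[port])
                return (int)port;
        }
        /* Assumption: stop if this pass already covered the whole range. */
        if (batch >= range || batch <= LAST_BATCH)
            return -1;
        batch /= 2;                             /* ever smaller batches */
    }
}

/* Mark every port in [min, max] as taken (1) or free (0). */
static void fill_range(unsigned min, unsigned max, int taken)
{
    memset(used + min, taken ? 1 : 0, max - min + 1);
}

int main(void)
{
    fill_range(PORT_MIN, PORT_MAX, 1);          /* worst case: all taken */
    return pick_port(PORT_MIN, PORT_MAX) == -1 && probes == 248 ? 0 : 1;
}
```

With every port taken the search gives up after 248 clash checks instead of walking all 64000+ candidates, which is the bound the message states.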