Debian

了解 Unbound 如何監聽埠 53

  • May 4, 2022

我已經在 Debian Buster 上安裝了 unbound。現在我想知道為什麼 unbound 在每個協議上聽 2 次。

netstat -tulpn

tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      1150/unbound        
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      1150/unbound        
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      605/sshd: /usr/sbin 
tcp        0      0 127.0.0.1:8953          0.0.0.0:*               LISTEN      1150/unbound        
tcp6       0      0 :::22                   :::*                    LISTEN      605/sshd: /usr/sbin 
udp        0      0 0.0.0.0:53              0.0.0.0:*                           1150/unbound        
udp        0      0 0.0.0.0:53              0.0.0.0:*                           1150/unbound   

誰能幫我理解這一點?

Unbound 使用SO_REUSEPORT選項來允許多個/程序執行緒共享同一個監聽埠。

SO_REUSEPORT(since Linux 3.9)

         Permits multiple AF_INET or AF_INET6 sockets to be bound
         to an identical socket address.  This option must be set
         on each socket (including the first socket) prior to
         calling bind(2) on the socket.  To prevent port hijacking,
         all of the processes binding to the same address must have
         the same effective UID.  This option can be employed with
         both TCP and UDP sockets.

         For TCP sockets, this option allows accept(2) load
         distribution in a multi-threaded server to be improved by
         using a distinct listener socket for each thread.  This
         provides improved load distribution as compared to
         traditional techniques such using a single accept(2)ing
         thread that distributes connections, or having multiple
         threads that compete to accept(2) from the same socket.

         For UDP sockets, the use of this option can provide better
         distribution of incoming datagrams to multiple processes
         (or threads) as compared to the traditional technique of
         having multiple processes compete to receive datagrams on
         the same socket.

引用自:https://serverfault.com/questions/1099756