Home
Blogs
Forums
News
Portfolios
Projects
Tutorials
31 users logged in
New? Learn about game development.
Before posting, review our community guidelines.
Follow Us
Chat in the GameDev.net Discord!
Mastodon

🎉 Celebrating 25 Years of GameDev.net! 🎉

Not many can claim 25 years on the Internet! Join us in celebrating this milestone. Learn more about our history, and thank you for being a part of our community!

Back to Networking and Multiplayer

SO_REUSEADDR - when should this be used?

Started by
3 comments, last by pindrought 5 years, 2 months ago

I thought I understood this socket option before, but now i'm unsure.

 

I read an article talking about how the functionality is different on windows and linux and some people suggesting this should never be used on windows.

 

I initially thought that this was to allow a server to start back up and bind instantly after a crash and not having to wait for the socket that was being listened on to exit TIME_WAIT.

 

I'm currently using windows 10 and have been unable to produce a situation where i'm unable to bind a socket after a server crash.

 

Can anyone give me a scenario on when I should be using SO_REUSEADDR and how to force a situation to occur where its use can be observed?

 

 

Advertisement

SO_REUSEADDR is useful in the case you suggest, allowing re-use of the same local port.

It may be that Windows just allows you to bind anyway? I haven't checked this in a long time.

The drawback with SO_REUSEADDR is that two different processes can bind the same port at the same time while both are alive. This may be useful for some load sharing situations, but may also end up in a situation where an "old" and a "new" process fight for incoming connections (one of them will win, but it's kind of random which one will for each new connection.)

To make things even muddier: there is an alternative SO_REUSEPORT option that you may want to check out, too. This didn't exist many years ago when SO_REUSEADDR was the general solution, but it's been with us for many years now, and provides an alternative option for the "process re-start" problem.

enum Bool { True, False, FileNotFound };

If I recall the warning in Window's is potential unintended consequences, including security issues, when another program can SO_REUSEADDR on a port that you are still currently using.

As far as I know on Windows for normal sockets, they get cleaned up, including listen sockets, along with the process. So if you close the process then restart it, you shouldn't need SO_REUSEADDR.

 

Windows also has a SO_EXCLUSIVEADDRUSE and my understanding is that new software should use that for security reasons.

https://docs.microsoft.com/en-us/windows/desktop/winsock/using-so-reuseaddr-and-so-exclusiveaddruse

 

Quote

Once the second socket has successfully bound, the behavior for all sockets bound to that port is indeterminate. 

...

Before the SO_EXCLUSIVEADDRUSE socket option was introduced, there was very little a network application developer could do to prevent a malicious program from binding to the port on which the network application had its own sockets bound. 

...

The SO_REUSEADDR option has very few uses in normal applications aside from multicast sockets where data is delivered to all of the sockets bound on the same port. Otherwise, any application that sets this socket option should be redesigned to remove the dependency since it is eminently vulnerable to "socket hijacking". As long as SO_REUSEADDR socket option can be used to potentially hijack a port in a server application, the application must be considered to be not secure.

All server applications must set SO_EXCLUSIVEADDRUSE for a strong level of socket security. Not only does it prevent malicious software from hijacking the port, but it also indicates whether or not another application is bound to the requested port. For example, a call to bind on the wildcard address by a process with the SO_EXCLUSIVEADDRUSE socket option set will fail if another process is currently bound to the same port on a specific interface.

Lastly, even though socket security has been improved in Windows Server 2003, an application should always set the SO_EXCLUSIVEADDRUSE socket option to ensure that it binds to all the specific interfaces the process has requested. The socket security in Windows Server 2003 adds an increased level of security for legacy applications, but application developers must still design their products with all aspects of security in mind.

 

Although worrying about that sort of denial of service is probably not an issue for games, and seems to assume there is already malicious software on the system. I believe it also refers to hijacking existing UDP "connections", not just a TCP listen socket, but I never really investigated this.

Thank you both! Very useful information. I'm going to refrain from using it for now.

This topic is closed to new replies.

Advertisement

Popular Topics

giuseppe7
LOD selection issue Graphics and GPU Programming
Net_
Weird collision primitives vs convex mesh? Math and Physics
AliAbdulKareem
How to do Dynamic Virtual Memory Allocation on Windows Engines and Middleware
MindOfTony
Application Class Implementing interface AngelCode
Calin
Balancing in robotics GDNet Lounge
Advertisement

Recommended Tutorials

Ruben Torres Bonet (The Gamedev Guru)
Why Your Game Content Is Not Scaling General and Gameplay Programming
blobfishdev
Best 2D Game Engines: The Complete List (2020) Engines and Middleware
williamzwood
Characters and Worldbuilding: Analyzing the Strength of Japanese Games Game Design and Theory
Myopic Rhino
IGF 2010: Krystian Majewski Interviews
Myopic Rhino
XGDX 2003 Report Event Coverage

Reticulating splines

About GameDev.net
Community Guidelines
Terms of Service
Privacy Policy
Contact Us
Copyright (c) 1999-2024 GameDev.net, LLC
Back to Top