TCP source port sharing

There is no reason why two processes cannot use the same source port, as long as they do not both connect to the same destination (host, port). On many UNIX systems, set the SO_REUSEPORT option to enable processes to share a port number; on Windows, set SO_REUSEADDR. For example, with socat:

• process 1: socat stdio tcp:google.com:80,bind=:12345,reuseport
• process 2: socat stdio tcp:bing.com:80,bind=:12345,reuseport

These two processes can run simultaneously, and will both have source port 12345 (as you can confirm with netstat).

Note, however, that you will almost certainly run into issues if the sockets are not closed cleanly on both ends, as unclosed TCP sockets will enter a TIME_WAIT state which will cause the four-tuple (srcaddr, srcport, dstaddr, dstport) to be tied up until the wait period expires. Therefore, when using a single source port for multiple connections, you cannot reconnect to the exact same server & port unless the previous connection has fully shut down or the TIME_WAIT period has expired.

Any port is only ever allocated to a single process at any point in time. That process can create any number of connections with it, with the restriction that the destination IP address or port number must vary between connections.

As an example, TCP 10.0.0.10:49152 can connect only once to TCP 10.0.0.2:80 but can at the same time connect to TCP 10.0.0.3:80 or TCP 10.0.0.2:8080.

While the TCP protocol itself allows arbitrary combinations of local and remote ports and addresses, most Unix implementations simplify port management. The reason is that the process of setting up sockets is split into separate steps.

• First you set the local port with bind(). This step is required when creating a listening TCP socket (you have to specify what port it's listening on), it's optional before making an outgoing connection with connect() (an arbitrary local port will be assigned). Since we don't know the remote address or port yet, it's not possible to tell whether this is fully unique. So it simply checks whether the requested port is available. If the socket has the SO_REUSEADDR option set, it ignores connected sockets when checking whether the local address is in use, but it will still fail if there's a listening socket on the port.

• Then for an outgoing connection you call connect(), specifying the remote address. You can only call connect() once on a socket, and because we checked the local port during bind(), this can never produce a duplicate local/remote address/port.

• For an incoming connection, you call accept() on the listening socket. Again, because we check that the local port of the listening socket is unused when we bind it, there can never be a duplicate combination.

Delaying the port checks until we have the remote information would complicate error handling. The current design just checks for duplication in one place: bind().

After some investigations I found that source port sharing is only allowed for multiple outgoing connections from the same process. The operating system needs to know which process to forward the connection stream to.

Going to select this answer in two days as the site policy.