Originally posted by: sjhall

I have found documentation indicating that the tcp ephemeral pool (as defined by the high/low bounds) is used as a source of "work" ports by various and sundry AIX processes, not to mention vendor products.  I am having a hard time getting any specific information on what those processes might be, so as to make a decision on paring down the number of available ports. I have seen reference to RSCT as a user of this resource however, since we run no virtualization on our servers (FSP on a P7+ P710) I have this service shut off, but I do understand that lack of available ports in the work pool can/will lead to potential failures.

Having recently enabled the use of TLS on the box-stock AIX FTP, I have a few users on a remote site within our network, but not within our facility, who would like to secure their FTP traffic as is being done by their local couterparts. I am looking for a way to ease the pain of asking for a firewall rule encompassing 32K worth of ports.

Thoughts on possibilities for resizing would be welcome.

Thanks,

Steve