1<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> 2 3<html> 4 <head> 5 <meta name="generator" content="HTML Tidy, see www.w3.org"> 6 <title>RFC 1179 - Line Printer Daemon Protocol</title> 7 <meta name="GENERATOR" content= 8 "Modular DocBook HTML Stylesheet Version 1.7"> 9 <link rel="HOME" title=" LPRng Reference Manual" href= 10 "index.htm"> 11 <link rel="PREVIOUS" title="LPRng accounting.pl Utility" href= 12 "x9787.htm"> 13 <link rel="NEXT" title="Protocol Requests and Replies " href= 14 "remotesupport.htm"> 15 </head> 16 17 <body class="CHAPTER" bgcolor="#FFFFFF" text="#000000" link= 18 "#0000FF" vlink="#840084" alink="#0000FF"> 19 <div class="NAVHEADER"> 20 <table summary="Header navigation table" width="100%" border= 21 "0" cellpadding="0" cellspacing="0"> 22 <tr> 23 <th colspan="3" align="center">LPRng Reference Manual: 5 24 Sep 2003 (For LPRng-3.8.22)</th> 25 </tr> 26 27 <tr> 28 <td width="10%" align="left" valign="bottom"><a href= 29 "x9787.htm" accesskey="P">Prev</a></td> 30 31 <td width="80%" align="center" valign="bottom"> 32 </td> 33 34 <td width="10%" align="right" valign="bottom"><a href= 35 "remotesupport.htm" accesskey="N">Next</a></td> 36 </tr> 37 </table> 38 <hr align="LEFT" width="100%"> 39 </div> 40 41 <div class="CHAPTER"> 42 <h1><a name="RFC1179REF"></a>Chapter 19. RFC 1179 - Line 43 Printer Daemon Protocol</h1> 44 45 <div class="TOC"> 46 <dl> 47 <dt><b>Table of Contents</b></dt> 48 49 <dt>19.1. <a href="rfc1179ref.htm#LPDPORT">Ports and 50 Connections</a></dt> 51 52 <dt>19.2. <a href="remotesupport.htm">Protocol Requests 53 and Replies</a></dt> 54 55 <dt>19.3. <a href="jobtransfer.htm">Job Transfer</a></dt> 56 57 <dt>19.4. <a href="x10191.htm">Data File 58 Transfer</a></dt> 59 60 <dt>19.5. <a href="x10227.htm">Control File 61 Contents</a></dt> 62 63 <dt>19.6. <a href="x10430.htm"><b class= 64 "APPLICATION">lpq</b> Requests</a></dt> 65 66 <dt>19.7. <a href="x10453.htm"><b class= 67 "APPLICATION">lprm</b> Requests</a></dt> 68 69 <dt>19.8. <a href="lpcreread.htm">LPC Requests</a></dt> 70 71 <dt>19.9. <a href="sendblockformat.htm">Block Job 72 Transfer</a></dt> 73 74 <dt>19.10. <a href="x10656.htm">Authenticated 75 Transfer</a></dt> 76 </dl> 77 </div> 78 79 <p>RFC1179 can be obtained from the <b class= 80 "APPLICATION">LPRng</b> distribution, in the 81 LPRng_DOC/rfc1179 directory, or from one of many sites which 82 mirror the RFCs.</p> 83 84 <p>This RFC is an <span class="emphasis"><i class= 85 "EMPHASIS">informational</i></span> RFC, which means that the 86 information in it is meant as a guide to users, and not as a 87 fixed standard. In addition, the RFC tried to document the 88 behavior of the BSD <b class="APPLICATION">lpd</b> print 89 server, and left out many details dealing with error recover, 90 error messages, extensions to the protocol, etc.</p> 91 92 <p>In this section, I will try to explain what RFC1179 93 specifies as a protocol, and many of the problems encountered 94 in trying to use it.</p> 95 96 <div class="SECT1"> 97 <h1 class="SECT1"><a name="LPDPORT">19.1. Ports and 98 Connections</a></h1> 99 100 <p>Options used:</p> 101 102 <ul> 103 <li> 104 <p><var class="LITERAL">lpd_port=</var><span class= 105 "emphasis"><i class="EMPHASIS">Port for <b class= 106 "APPLICATION">lpd</b> connections</i></span></p> 107 </li> 108 109 <li> 110 <p><var class="LITERAL">lpd_listen_port=</var><span 111 class="emphasis"><i class="EMPHASIS">Port for <b class= 112 "APPLICATION">lpd</b> to accept 113 connection</i></span></p> 114 </li> 115 116 <li> 117 <p><var class="LITERAL">originate_port=</var><span 118 class="emphasis"><i class="EMPHASIS">Ports to originate 119 connections on</i></span></p> 120 </li> 121 122 <li> 123 <p><var class="LITERAL">reuse_addr</var> FLAG <span 124 class="emphasis"><i class="EMPHASIS">Set SO_REUSEADDR 125 flag on connection</i></span></p> 126 </li> 127 128 <li> 129 <p><var class="LITERAL">retry_econnrefused</var> FLAG 130 <span class="emphasis"><i class="EMPHASIS">Retry on 131 connect ECONNREFUSED error</i></span></p> 132 </li> 133 134 <li> 135 <p><var class="LITERAL">retry_nolink</var> FLAG <span 136 class="emphasis"><i class="EMPHASIS">Retry on device 137 open or connection ffailure</i></span></p> 138 </li> 139 140 <li> 141 <p><var class="LITERAL">unix_socket_path</var> PATH 142 <span class="emphasis"><i class="EMPHASIS">UNIX FIFO 143 pathname for local connections</i></span></p> 144 </li> 145 146 <li> 147 <p><var class="LITERAL">socket_linger=</var><span 148 class="emphasis"><i class="EMPHASIS">socket linger 149 timeout</i></span></p> 150 </li> 151 </ul> 152 <br> 153 <br> 154 155 <p>RFC1179 requires that the <b class="APPLICATION">lpd</b> 156 server listen for TCP/IP connections on port 515. This port 157 is registered with the Internet Naming Authority, and the 158 <tt class="FILENAME">/etc/services</tt> file or TCP/IP 159 services database usually has an entry:</p> 160 161 <div class="INFORMALEXAMPLE"> 162 <a name="AEN9880"></a> 163<pre class="SCREEN"> 164 printer 515/tcp spooler # line printer spooler 165</pre> 166 </div> 167 <br> 168 <br> 169 170 <p>RFC1179 explicitly states that all connections to port 171 515 must originate from ports 721-731. The reason for this 172 restriction is due to the UNIX concept of <span class= 173 "emphasis"><i class="EMPHASIS">reserved</i></span> and 174 <span class="emphasis"><i class= 175 "EMPHASIS">privileged</i></span> ports. By convention, 176 ports in the range 1-1023 can only <span class= 177 "emphasis"><i class="EMPHASIS">bound</i></span> by 178 processes whose Effective User ID (EUID) is 0 (root). This, 179 ordinary users could not originate a connection from the 180 reserved or privileged port range.</p> 181 182 <p>In a UNIX environment, this means that the user programs 183 <b class="APPLICATION">lpr</b>, <b class= 184 "APPLICATION">lpq</b>, <b class="APPLICATION">lprm</b>, and 185 <b class="APPLICATION">lpc</b> would have to be SETUID 186 root.</p> 187 188 <p>As experience has shown, for security purposes, the 189 fewer programs that need to have privileged status, the 190 better. <b class="APPLICATION">LPRng</b> uses the <var 191 class="LITERAL">lpd_port=printer</var> configuration option 192 to set the port for the connections to a <b class= 193 "APPLICATION">lpd</b> server. By default, this is port 515, 194 but can be set to other values. This port value is used to 195 make connections to a remote <b class="APPLICATION">lpd</b> 196 server. The <var class= 197 "LITERAL">lpd_listen_port=printer</var> configuration 198 option can be used to specify a port for the <b class= 199 "APPLICATION">lpd</b> to listen for incoming requests. If 200 no <var class="LITERAL">lpd_listen_port</var> value is 201 specified the <var class="LITERAL">lpd_port</var> value 202 will be used as the <b class="APPLICATION">lpd</b> 203 listening port.</p> 204 205 <p>The <var class="LITERAL">unix_socket_path</var> option 206 specifies the pathname of a UNIX FIFO or socket that can be 207 used for connections the <b class="APPLICATION">lpd</b> 208 server if the client and server are on the same host. The 209 use of a local FIFO restricts connections from outside 210 hosts. The UNIX FIFO path should be to a node in a 211 directory that is writable by by the <b class= 212 "APPLICATION">lpd</b> server and not other non-privileged 213 processes.</p> 214 215 <p>The restriction of originating ports to 721-731 causes 216 another set of problems. Part of the TCP/IP protocol is 217 concerned with avoiding communications problems resulting 218 from the arrival of old or <span class="emphasis"><i class= 219 "EMPHASIS">stale</i></span> packets. When a connection 220 between <var class="LITERAL">sourcehost, sourceport</var> 221 and <var class="LITERAL">desthost, destport</var> is made, 222 a set of sequence numbers is established and used for 223 sending and acknowledgement of data. When the connection 224 terminates, the TCP/IP protocol restricts the establishment 225 of a new connection between <var class= 226 "LITERAL">sourcehost, sourceport</var> and <var class= 227 "LITERAL">desthost, destport</var> for a period long enough 228 for all <span class="emphasis"><i class= 229 "EMPHASIS">stale</i></span> packets to be removed from the 230 system. This is approximately 10 minutes long.</p> 231 232 <p>In order to simplify assignments of ports, timing out 233 connections, and other matters, many TCP/IP packages do 234 keep track of explicit connections <span class= 235 "emphasis"><i class="EMPHASIS">originating</i></span> from 236 a port, but simply prevent the port from being reused for 237 either origination or reception of a connection. They do, 238 however, keep track of the active connections <span class= 239 "emphasis"><i class="EMPHASIS">to</i></span> a port, and 240 perform timeouts on these. This is usually much simpler to 241 implement, as it can be done with a list attached to the 242 port.</p> 243 244 <p>This implementation method creates some problems when a 245 large number of connections must be originated from a 246 relatively small number of port numbers. Observe what 247 happens when host 1 tries to send a large number of jobs to 248 a server 2. The following connections are established and 249 terminated: <var class="LITERAL">host 1, port 721</var> and 250 <var class="LITERAL">host 2, port 515</var> <var class= 251 "LITERAL">host 1, port 722</var> and <var class= 252 "LITERAL">host 2, port 515</var> <var class="LITERAL">host 253 1, port 723</var> and <var class="LITERAL">host 2, port 254 515</var> <var class="LITERAL">host 1, port 724</var> and 255 <var class="LITERAL">host 2, port 515</var> <var class= 256 "LITERAL">host 1, port 725</var> and <var class= 257 "LITERAL">host 2, port 515</var> <var class="LITERAL">host 258 1, port 726</var> and <var class="LITERAL">host 2, port 259 515</var> <var class="LITERAL">host 1, port 727</var> and 260 <var class="LITERAL">host 2, port 515</var> <var class= 261 "LITERAL">host 1, port 728</var> and <var class= 262 "LITERAL">host 2, port 515</var> <var class="LITERAL">host 263 1, port 729</var> and <var class="LITERAL">host 2, port 264 515</var> <var class="LITERAL">host 1, port 730</var> and 265 <var class="LITERAL">host 2, port 515</var> <var class= 266 "LITERAL">host 1, port 731</var> and <var class= 267 "LITERAL">host 2, port 515</var></p> 268 269 <p>Now according to the RFC1179 rules and the TCP/IP 270 protocol, we will have to wait until one of these 271 connections terminates before we can make another. On the 272 originating system, if the TCP/IP implementation does 273 timeouts on the originating port, we will have to wait for 274 the timeout to elapse before we can make a new connection. 275 Unfortunately, there is no way to find out what the status 276 of the port is, so we will have to try them each in turn 277 until we get a successful connection.</p> 278 279 <p>The <b class="APPLICATION">LPRng</b> code has tried to 280 provide several methods to deal with these problems. 281 Firstly, the <var class="LITERAL">originate_port=512 282 1023</var> option specifies the range of ports used to 283 originate connections when the software is running either 284 as ROOT or SETUID root. By strict RFC1179 rules, this 285 should be <var class="LITERAL">originate_port=721 286 731</var>, but it turns out that most BSD <b class= 287 "APPLICATION">lpd</b> based implementations only check for 288 a <span class="emphasis"><i class= 289 "EMPHASIS">reserved</i></span> originating port. By using 290 512 ports we get a greatly reduced rate of errors due to 291 lack of ports due to pending timeouts.</p> 292 293 <p>However, on some systems which are acting as servers for 294 a large number of printers even increasing this port range 295 is insufficient, and steps need to be taken use the 296 originating port numbers more efficiently. The Berkeley 297 TCP/IP implementation <code class= 298 "FUNCTION">getsockopt()</code> and <code class= 299 "FUNCTION">setsockopt()</code> allows the user to 300 manipulate some of the underlying timeouts and options of 301 the TCP/IP network. When a TCP/IP connection is 302 established, the <code class="FUNCTION">setsockopt()</code> 303 facility can be used to set the <var class= 304 "LITERAL">SO_REUSEADDR</var> flag on the connection. This 305 flag effectively sets the timeout value on the ports and 306 connections to 0, allowing immediate reuse of the ports. 307 When done on an originating end of a connection, this will 308 allow the originating port number to be reused 309 immediately.</p> 310 311 <p>It would appear that by setting <var class= 312 "LITERAL">SO_REUSEADDR</var> on the originating end that we 313 have solved our problems. However, unless the destination 314 end of the connection sets its <var class= 315 "LITERAL">SO_REUSEADDR</var> flag on the connection, it 316 will still do a timeout. Thus when we try to make a 317 connection from a port that was active within a short 318 period of time to the same host, then it will reject the 319 connection until the timeout is over.</p> 320 321 <p>The <var class="LITERAL">reuse_addr</var> flag (default 322 off) forces the <b class="APPLICATION">LPRng</b> software 323 to set the <var class="LITERAL">SO_REUSEADDR</var> flag on 324 originating connections. As indicated, this will allow 325 ports to be reused immediately for outgoing connections, 326 rather than waiting for a timeout.</p> 327 328 <p>While the <var class="LITERAL">reuse_addr</var> flag 329 usually allows us to reuse ports, there is still the 330 problem of dealing with connections failing due to the 331 remote site rejecting the connection due to a pending 332 timeout from a previous connection. A careful study of the 333 original BSD TCP/IP network code and of some others 334 indicates that when a connection fails due to a pending 335 timeout, an ECONNREFUSED error code is returned to a <code 336 class="FUNCTION">connect()</code> system call. If this 337 happens and we suspect that the remote site is rejecting 338 the connection due to a timeout problem, then we should 339 retry making the connection but from a new port, and 340 continue retrying until all possible ports are used.</p> 341 342 <p>The <var class="LITERAL">retry_econnrefused</var> 343 (default on) flag is used to specify that we retry 344 connections in this manner. When this is set, a <var class= 345 "LITERAL">connection refused</var> error causes the 346 connection to be retried using a new port. This will be 347 repeated until all available ports have been tried.</p> 348 349 <p>When printing a job and the <b class= 350 "APPLICATION">lpd</b> server connection to a remote site or 351 device open fails, the <var class= 352 "LITERAL">retry_nolink</var> (default on) will cause the 353 attempt to be retried indefinitely. The combination of <var 354 class="LITERAL">retry_econnrefused</var> and <var class= 355 "LITERAL">retry_nolink</var> will provide robust connection 356 attempts to remote systems.</p> 357 358 <p>While the above problems cause difficulties when making 359 connections, there are also problems when terminating 360 connections. After closing a socket, the TCP/IP software 361 will try to flush any pending data to the destination. 362 Unfortunately, on some systems it will only do this while 363 the process is active. This has caused problems on systems 364 which terminate a process it has received an abnormal 365 (signal caused) termination.</p> 366 367 <p>The <code class="FUNCTION">setsockopt()</code> SO_LINGER 368 option allows the user to specify that when a socket is 369 closed normally, that the process should block until 370 pending data is flushed or for the <var class= 371 "LITERAL">socket_linger</var> period. If <var class= 372 "LITERAL">socket_linger</var> is 0, then no SO_LINGER 373 operation is done.</p> 374 375 <p>In summary, if you experience problems with connection 376 failures due to port exhaustion, first try setting the <var 377 class="LITERAL">reuse_port</var> flag, and you should see a 378 reduction. Check to ensure that the <var class= 379 "LITERAL">retry_econnrefused</var> and <var class= 380 "LITERAL">retry_nolink</var> flags are set, and the error 381 code in the log and status files. If the failures continue, 382 then the problem is caused by the remote end having timeout 383 limitations and there is little you can do except to set a 384 very long <var class="LITERAL">connect_retry</var> 385 interval, say <var class="LITERAL">connect_retry=120</var> 386 (2 minutes).</p> 387 </div> 388 </div> 389 390 <div class="NAVFOOTER"> 391 <hr align="LEFT" width="100%"> 392 393 <table summary="Footer navigation table" width="100%" border= 394 "0" cellpadding="0" cellspacing="0"> 395 <tr> 396 <td width="33%" align="left" valign="top"><a href= 397 "x9787.htm" accesskey="P">Prev</a></td> 398 399 <td width="34%" align="center" valign="top"><a href= 400 "index.htm" accesskey="H">Home</a></td> 401 402 <td width="33%" align="right" valign="top"><a href= 403 "remotesupport.htm" accesskey="N">Next</a></td> 404 </tr> 405 406 <tr> 407 <td width="33%" align="left" valign="top"><b class= 408 "APPLICATION">LPRng</b> accounting.pl Utility</td> 409 410 <td width="34%" align="center" valign="top"> </td> 411 412 <td width="33%" align="right" valign="top">Protocol 413 Requests and Replies</td> 414 </tr> 415 </table> 416 </div> 417 </body> 418</html> 419 420