Forum Discussion
Calculating available ephemeral ports
Hi,
I seem to be running short of ephemeral ports for TCP connections on IPv4. This has led me to try to get a solid understanding of just how many ephemeral (eph) ports I have available for IPv4 TCP connections.
I start with the output from netsh int ipv4 show dynamicport tcp, which shows that I have 16384 ports in my TCP Dynamic Port Range. I know I can increase this number but this is just a calculation exercise.
Now assume my server has multiple NICs and of course multiple IPs as well as loopback - 127.0.0.1.
I kind of doubt that I have only 16384 eph ports available across the entire host regardless of the number of local IPs.
Perhaps I have 16384 eph ports available per local IP. That makes more sense. But I know in terms of making a unique TCP connection I need an eph port for each outgoing connection to a foreign host's individual listener.
My port exhaustion seems to be on loopback so let me put my question like this:
using this format : LocalHost:ephPort --> RemoteHost:Listener
for example, do I have
a) 127.0.0.1:EphPort[16384 possibilities] --> 127.0.0.1:443 and
127.0.0.1:EphPort[16384 possibilities] --> 127.0.0.1:444 and so on
or
b) 127.0.0.1:EphPort[16384 possibilities] --> 127.0.0.1:[regardless of listener]
or
c) Host: EphPort[16384 possibilities] --> RemoteHost
Another thing that has led to my question above is the word global in event #4231 I am getting.
"A request to allocate an ephemeral port number from the global TCP port space has failed due to all such ports being in use."
Perhaps I should have just asked for the definition of the global TCP port space.
Thanks,
-Wes
There are 65,535 possible tcp and udp ports
- Wes-EvCopper Contributor
Perhaps you mean 65,535 per server for TCP connections across all NICs/IPs and including connections on 127.0.0.1.
And once you hit that you need to start adding more servers?
You asked about limits of port space so I was answering that. (65,535)
Generally, if a process uses some dynamically assigned range of ports, doesn't complete (and close) successfully, and is repeatedly being triggered, then it may be expected behavior to eventually run out of ports.
netstat -aon
should show the result. The short term fix is to reboot. A long term solution is fixing the problem process or connection issues.
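To turn the netstat -aon suggestion above into numbers, here is an added example (not part of the thread) that tallies which sockets hold local ports in the dynamic range, per local IP, state and PID. The range start 49152 is assumed to be the Windows default (the thread only gives the size, 16384), and the sample rows are constructed.

```python
from collections import Counter, defaultdict

# Assumption: 49152 is the Windows default start of the dynamic range; the
# thread only gives its size (16384). Read both from netsh on the real host.
RANGE_START, RANGE_SIZE = 49152, 16384

# Constructed sample in `netstat -aon` layout (not captured from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:49664          0.0.0.0:0              LISTENING       700
  TCP    127.0.0.1:443          127.0.0.1:49701        ESTABLISHED     4
  TCP    127.0.0.1:49701        127.0.0.1:443          ESTABLISHED     4321
  TCP    127.0.0.1:49702        127.0.0.1:443          CLOSE_WAIT      4321
  TCP    127.0.0.1:49703        127.0.0.1:444          TIME_WAIT       0
  TCP    192.0.2.10:49704       198.51.100.7:443       ESTABLISHED     4321
  TCP    192.0.2.10:3389        198.51.100.9:50123     ESTABLISHED     1100
  TCP    [::]:443               [::]:0                 LISTENING       4
  UDP    0.0.0.0:500            *:*                                    1234
"""

def tcp4_rows(text):
    """Yield (local_ip, local_port, state, pid) for each IPv4 TCP row."""
    for line in text.splitlines():
        f = line.split()
        # TCP rows have 5 fields; UDP rows have no state, IPv6 starts with '['.
        if len(f) != 5 or f[0] != "TCP" or f[1].startswith("["):
            continue
        ip, _, port = f[1].rpartition(":")
        yield ip, int(port), f[3], int(f[4])

def ephemeral_usage(text, start=RANGE_START, size=RANGE_SIZE):
    """Tally sockets whose local port lies in the dynamic range."""
    rows = [r for r in tcp4_rows(text) if start <= r[1] < start + size]
    ports_by_ip = defaultdict(set)
    for ip, port, _, _ in rows:
        ports_by_ip[ip].add(port)
    return {
        "distinct_ports": len({r[1] for r in rows}),
        "ports_per_local_ip": {ip: len(p) for ip, p in ports_by_ip.items()},
        "by_state": Counter(r[2] for r in rows),
        "by_pid": Counter(r[3] for r in rows),
    }

if __name__ == "__main__":
    usage = ephemeral_usage(SAMPLE)
    print(f"{usage['distinct_ports']} of {RANGE_SIZE} dynamic ports seen in use")
    for pid, n in usage["by_pid"].most_common():
        print(f"  PID {pid}: {n} sockets")
```

A PID that dominates by_pid, or a large CLOSE_WAIT count in by_state, points at the process that is not closing its connections.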