Tuesday, September 26, 2006

Windows: TCP Port conflicts above 1024

We have repeatedly run into problems with our JBoss application servers not being able to start after a Windows system reboot, because their configured network ports (e. g. 1099) had already been claimed by some other process.

It took quite a while to find the reason, because often just trying again several times without stopping or starting any other programs, it would suddenly succeed.

What turned out to be the reason is the dynamic port allocation for ports above 1024 (so called ephemeral ports). If any process requests a random port, it may get one of those you would like to use for your own applications.

On Windows 2000/2003 Server installations as well as on Windows XP Pro you can reserve port ranges (even if they only cover a single port) for your applications. Effectively they are not reserved for anything specific, but just excluded from the dynamic allocation. To do so, create or edit the following registry value (type REG_MULTI_SZ/Multi-String Value):

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ReservedPorts

In this value specify port ranges in the format xxxx-yyyy with xxxx and yyyy being the lowest and highest port of the range to be reserved. To reserve a single port, just use the same values for both (e. g. 1099).

What I find interesting is the suprisingly high frequency of this problem occuring. Even though I do not know for sure, I suspect Windows just starting random allocations at 1024 and counting upwards. That would at least to some degree explain why the problem occurred so often for 1099 but not for other, higher ports.

Responsible for assigning those random ports is the "RPC endpoint mapper", itself reachable via TCP port 135. There are several components that make use of this service, many of them included in Microsoft products. Most of these can be individually configured to request specific ranges or single ports to be used, but if you need specific ports to be reserved for your application under all circumstances, using the parameter above seems more sensible.

For further information see the original Microsoft Knowledgebase item #812873 which describes the ReservedPorts setting and several others, reachable from #832017 which explain in more detail which products can be individually configured.

2 comments:

2photons said...

This is a great summary. I found your post doing research for my own blog post. I had TCP/IP port conflicts on Windows working with a local JBoss server.

I'll link to yours to save me work! Mine is at OpenmakeSoftware under the "Mavericks" section of the build blogs.

Sean Blanton

Anonymous said...

The ephemeral ports are assigned by the kernel, more precisely by the socket interface from the IP network stack.