Tuesday, August 11, 2015

What Are Ephemeral Ports

Ephemeral Port Limits


Every time you open a connection to another machine you need to have a port both at the local machine and the remote machine for exchanging data. The port at the remote machine is typically well known in the sense that the port number is a fixed number or published through some mechanism that doesn't change very frequently. This allows the service that is listening on the port to have a well known address. The port at the local machine can be any port number and often you don't care what that number is. Every time you make a new connection the port number can change.
These short-lived port allocations are typically called ephemeral ports and are allocated using a wildcard request. Your request is just for any free ephemeral port rather than for a specific port number. On older Windows systems the default range allowed for ephemeral ports was 1025 to 5000, giving you a little bit less than 4000 free ports. In rare cases there may be no free ephemeral ports available, which will cause the connection open to fail or time out. This would be unlikely on a client machine but is more likely to take place on a middle-tier machine that is creating connections for every client request that is processed.




On Windows Vista and Server 2008 the default range of ephemeral ports is now 49152 to 65535 giving you a little bit more than 16000 free ports. It would now be very unlikely for all of the ephemeral ports to be in use. You would probably want to start caching and reusing connections faster than the operating system recycled ports once you have that many ports in use. However, you can change this ephemeral port range if you need more ports or if the range conflicts with a port number used by your application.




The basic command for changing the ephemeral port range looks like this.
netsh int ipv4 set dynamicport tcp start=49152 num=16384
You can use ipv6 instead of ipv4 and udp instead of tcp depending on the protocols used by your application. A similar command shows what your current ephemeral port range is.
netsh int ipv4 show dynamicport tcp



You can view the dynamic port range on a computer that is running Windows Vista or Windows Server 2008 by using the following netsh commands:
  • netsh int ipv4 show dynamicport tcp
  • netsh int ipv4 show dynamicport udp
  • netsh int ipv6 show dynamicport tcp
  • netsh int ipv6 show dynamicport udp
Note: The range is set separately for each transport and for each version of IP. The port range is now truly a range with a starting point and with an endpoint.

Microsoft customers who deploy servers that are running Windows Server 2008 may have problems with RPC communication between servers if firewalls are used on the internal network. In these cases, we recommend that you reconfigure the firewalls to allow for traffic between servers in the dynamic port range of 49152 through 65535. This range is in addition to well-known ports that are used by services and by applications. Alternatively, the port range that is used by the servers can be modified on each server. You adjust this range by using the netsh command, as follows:
netsh int <ipv4|ipv6> set dynamicport <tcp|udp> start=number num=range
This command sets the dynamic port range for the selected transport (TCP or UDP) and IP version. The start port is number, and the total number of ports is range. The following are sample commands:
  • netsh int ipv4 set dynamicport tcp start=10000 num=1000
  • netsh int ipv4 set dynamicport udp start=10000 num=1000
  • netsh int ipv6 set dynamicport tcp start=10000 num=1000
  • netsh int ipv6 set dynamicport udp start=10000 num=1000
These sample commands set the dynamic port range to start at port 10000 and to end at port 10999 (1000 ports). The minimum range of ports that can be set is 255. The minimum starting port that can be set is 1025. The maximum end port (based on the range being configured) cannot exceed 65535. To duplicate the default behavior of Windows Server 2003, use 1025 as the start port, and then use 3976 as the range for both TCP and UDP. This results in a start port of 1025 and an end port of 5000.

Note: When you install Microsoft Exchange Server 2007 on a Windows Server 2008-based computer, the default port range is 1025 through 60000.
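The limits above can be checked before a range is rolled out to servers and mirrored in firewall rules. The following is an added example, not code from the original post or from Microsoft; the function name `plan_dynamic_range` and the sample service ports are hypothetical.

```python
"""Added example: check a proposed Windows dynamic (ephemeral) port range
against the limits quoted in this post, then emit the netsh commands."""

MIN_START = 1025    # minimum starting port, per the post
MIN_NUM = 255       # minimum number of ports, per the post
MAX_END = 65535     # maximum end port, per the post


def plan_dynamic_range(start, num, listening_ports=()):
    """Return a plan dict for start/num; raise ValueError if invalid.

    listening_ports: fixed ports your own services bind to (hypothetical
    input); any that fall inside the range are reported as conflicts.
    """
    if start < MIN_START:
        raise ValueError(f"start={start} is below the minimum of {MIN_START}")
    if num < MIN_NUM:
        raise ValueError(f"num={num} is below the minimum of {MIN_NUM}")
    end = start + num - 1          # the range includes both end points
    if end > MAX_END:
        raise ValueError(f"end port {end} exceeds {MAX_END}")
    conflicts = sorted(p for p in set(listening_ports) if start <= p <= end)
    # The range is stored separately per IP version and per transport,
    # so a consistent change takes four commands.
    commands = [
        f"netsh int {ip} set dynamicport {proto} start={start} num={num}"
        for ip in ("ipv4", "ipv6")
        for proto in ("tcp", "udp")
    ]
    return {
        "end": end,
        "firewall_range": f"{start}-{end}",  # what inter-server rules must allow
        "conflicts": conflicts,
        "commands": commands,
    }


if __name__ == "__main__":
    # Constructed sample: the post's 10000/1000 example plus two made-up
    # service ports, one of which (10050) lands inside the range.
    plan = plan_dynamic_range(10000, 1000, listening_ports=[8080, 10050])
    print("allow between servers:", plan["firewall_range"])
    print("conflicting service ports:", plan["conflicts"])
    print("\n".join(plan["commands"]))
```

A non-empty `conflicts` list means a service port sits inside the proposed ephemeral range, so either the range or the service port should move before the commands are applied.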




Source : http://blogs.msdn.com/b/drnick/archive/2008/09/19/ephemeral-port-limits.aspx
