Ephemeral or dynamic port usage as related to CA Process Automation

Document ID : KB000112430
Last Modified Date : 29/08/2018
Show Technical Document Details
Introduction:
Ephemeral or dynamic ports are used by every server and client for short lived communications. 
When a connection is made _to_ a server via a specific port (in the case of CA Process Automation to an agent using port 7003) we know the port we are connecting to. 
But, the server or client that the connection is coming _from_ uses a random available port from its ephemeral port range. 
When the communication is complete, the connection will enter a TIME_WAIT state. After the default delay of 4 minutes (240 seconds), it will be able to be reused. 

With the change in the range beginning with Windows 2008, port exhaustion is less likely to be problematic, but the symptoms can still be seeing. Prior to Windows 2008, the ephemeral port range was 1025 - 5000. Beginning with Windows 2008 the default start port is 49152 and the default end port is 65535.
Background:
Although port exhaustion is less likely to be problematic with a larger range of available ephemeral ports, the symptoms can still be seen.
These include:

Network connectivity errors 
Inability to access fileshares 
Authentication issues 
High handle counts 
Server appears unresponsive or unable to connect 
High numbers of connections in the TIME_WAIT state 
Memory errors

 
Environment:
This is applicable to Windows servers 2008 through Windows 2016.
Please see the additional information below for hotfix and auto-reuse information.
Instructions:

You can see exactly the defined ephemeral ports for your server using the following netsh commands:

netsh int ipv4 show dynamicport tcp
netsh int ipv4 show dynamicport udp
netsh int ipv6 show dynamicport tcp
netsh int ipv6 show dynamicport udp

and returns something like the following:

C:\Users\Administrator>netsh int ipv4 show dynamicport tcp

Protocol tcp Dynamic Port Range
---------------------------------
Start Port      : 49152
Number of Ports : 16384

This shows your available ephemeral ports as the default of 49152 - 65536

To see exactly what ports are being used by which applications on your server, run the following:

netstat -b

If you find a high number of ephemeral ports in the TIME_WAIT state (run netstat -an | find /c "TIME_WAIT") you can change the default value of the 4 minute delay to something less.
To make this change consult your network admins before continuing. This change involves the Windows registry. Always take a backup before making any changes.
Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters 
Right click Parameters > New > DWORD 
Name - TcpTimedWaitDelay 
Value data will be a value between 30 and 240 -- the default value is 240 (4 minutes).

Please engage your network admins to make the best decision for your environment.
 

Additional Information:
For Windows 2012, there is a hotfix available from Mircrosoft for exhausted ephemeral ports available here:

https://support.microsoft.com/en-us/help/3014399/various-network-and-computer-issues-occur-when-tcp-ephemeral-ports-are

For Windows 2016, the above page explains how to use the new auto-reuse port range feature.