Microsoft KB Archive/929851

= The default dynamic port range for TCP/IP has changed in Windows Vista and in Windows Server 2008 =

Article ID: 929851

Article Last Modified on 10/26/2007

-

APPLIES TO


 * Windows Vista Enterprise
 * Windows Vista Business
 * Windows Vista Business 64-bit Edition
 * Windows Vista Home Basic
 * Windows Vista Home Premium
 * Windows Vista Ultimate
 * Microsoft Windows Code Name “Longhorn”

-





Beta Information
This article discusses a beta release of a Microsoft product. The information in this article is provided as-is and is subject to change without notice.

No formal product support is available from Microsoft for this beta product. For information about how to obtain support for a beta release, see the documentation that is included with the beta product files, or check the Web location where you downloaded the release.



INTRODUCTION
To comply with Internet Assigned Numbers Authority (IANA) recommendations, Microsoft has increased the dynamic client port range for outgoing connections in Windows Vista and in Windows Server 2008. The new default start port is 49152, and the default end port is 65535. This is a change from the configuration of earlier versions of Microsoft Windows that used a default port range of 1025 through 5000.



MORE INFORMATION
You can view the dynamic port range on a computer that is running Windows Vista or Windows Server 2008 computer by using the following netsh commands:
 * netsh int ipv4 show dynamicport tcp
 * netsh int ipv4 show dynamicport udp
 * netsh int ipv6 show dynamicport tcp
 * netsh int ipv6 show dynamicport udp

Note The range is set separately for each transport and for each version of IP. The port range is now truly a range with a starting point and with an endpoint. Microsoft customers who deploy servers that are running Windows Server 2008 may experience problems with RPC communication between servers if firewalls are used on the internal network. In these cases, we recommend that you reconfigure the firewalls to allow for traffic between servers in the dynamic port range of 49152 through 65535. This range is in addition to well-known ports that are used by services and by applications. Or, the port range that is used by the servers can be modified on each server. You adjust this range by using the netsh command, as follows:

netsh int  set dynamic  start= num=

This command sets the dynamic port range for TCP. The start port is, and the total number of ports is. The following are sample commands:
 * netsh int ipv4 set dynamicport tcp start=10000 num=1000
 * netsh int ipv4 set dynamicport udp start=10000 num=1000
 * netsh int ipv6 set dynamicport tcp start=10000 num=1000
 * netsh int ipv4 set dynamicport udp start=10000 num=1000

The examples set your dynamic port range to start at port 10000 and to end at port 11000 (1000 ports). The minimum range of ports you can set is 255. The minimum starting port that you can set is 1025. The maximum end port that is based on the range you set cannot exceed 65535. To duplicate the default behavior of Windows Server 2003, use 1025 as your start port, and then use 3975 as your end port for both TCP and UDP.

