How to see what is reserving ephemeral port ranges on Windows?

windows networking tcp port netsh
18,333

Solution 1

Investigate and Free the Ports

It appears that Hyper-V reserves random ports (or something Hyper-V related at least). Use netsh int ip show excludedportrange protocol=tcp to confirm that the ports that aren't working are in the output.

This has worked for me to free the ports up. It doesn't seem intrusive to me (25 thumbs up):

This is often caused by the Windows NAT Driver (winnat), stopping and restarting that service may resolve the issue.

net stop winnat
docker start ...
net start winnat

After this the ports were no longer reserved, but my WSL2 terminal no longer had connection to the internet, so I needed to reboot after this to get everything working again.

Reserve the Ports From Now On

If you don't do anything more, you'll likely run into this problem again. So to e.g. reserve ports 9012 and 9013 for your future use (so winnat never tries to use them):

netsh int ipv4 add excludedportrange protocol=tcp startport=9012 numberofports=2

(Thanks @Venryx for reminding me)

Other Approaches

In an answer to a similar question about why docker couldn't open ports (24 thumbs up), this also worked for me:

netcfg -d --this will clean up all networking devices, and requires a reboot

Somebody does warn about it though (4 thumbs up). Your maileage may vary. It worked for me, mostly because I didn't see the following warning until after I ran it successfully....

that (netcfg -d) is dangerous command, it corrupted my docker and it does not start up anymore. Even after reinstalling HyperV. and rebooting machine. It seems that this command removes several network adapters. Also restart does nothing. I had to reset (loose) containers and images but that led me to another issue

another answer to a similar docker question (129 thumbs up) has this, but it seemed much more involed for me, so I didn't try it:

@veqryn the workaround worked for me, the steps are:

  1. Disable hyper-v (which will required a couple of restarts)

    dism.exe /Online /Disable-Feature:Microsoft-Hyper-V

  2. When you finish all the required restarts, reserve the port you want so hyper-v doesn't reserve it back

    netsh int ipv4 add excludedportrange protocol=tcp startport=50051 numberofports=1 store=persistent

  3. Re-Enable hyper-V (which will require a couple of restart)

    dism.exe /Online /Enable-Feature:Microsoft-Hyper-V /All

when your system is back, you will be able to bind to that port successfully.

Solution 2

I had the same problem and uninstalled Hyper-V, but the reserver ports were still there. After several attempts I identified Windows Sandbox as the culprit to be disinstalled

Share:
18,333
Liam
Author by

Liam

Updated on June 22, 2022

Comments

  • Liam
    Liam almost 2 years

    I have a Windows application that needs to use ports 50005 and 50006 but it is being blocked.

    I see the following when I run netsh int ip show excludedportrange protocol=tcp:

    Protocol tcp Port Exclusion Ranges

Start Port    End Port
----------    --------
5357        5357
49709       49808
49809       49908
49909       50008
50009       50108
50109       50208
50280       50379

* - Administered port exclusions.

    So something on my machine is reserving ports 49909 to 50008, which is presumably what is causing my application to fail. I've tried deleting this excludedportrange with the following command:

    netsh int ip delete excludedportrange protocol=tcp numberofports=100 startport=49909

    But I see an error Access is denied., which makes me think that whatever is reserving this ports is actively running, but I have no idea what that could be.

    What's also weird is that after running that command, even though I saw an error, if I reboot the excludedportrange will be different.

    As a sanity check I've also run resmon.exe and confirmed that there is nothing running on ports 50005 and 50006.

    How can I tell what is adding the excludedportrange?

    EDIT: I've narrowed this down to Hyper-V. If I disable Hyper-V then those ports are not excluded.

  • Yogesh Jindal
    Yogesh Jindal over 3 years
    I tried the winnat service restart to succesfully free up the ports as that seems like the easiest optoin. Hopefully it continues to work for me in the future and does not corrupt anything
  • Peter V. Mørch
    Peter V. Mørch over 3 years
    I agree, @YogeshJindal. It is also the one I now use when I run into this from time to time. I've edited the post to make it the first suggestion.
  • zentrunix
    zentrunix about 3 years
    Stopping and restarting "winnat" (whatever that is) worked for me. It worked immediately, didn't even require a restart. Windows 10 Pro 20H2 19042.804 Windows Feature Experience Pack 120.2212.551.0
  • Peter V. Mørch
    Peter V. Mørch about 3 years
    Thanks @zentrunix, I've clarified my answer. The reason I needed to reboot after stop/start winnat was that it broke my WSL2 networking.
  • Nickolodeon
    Nickolodeon about 3 years
    Is there an answer to original question - which process exactly has reserved the range? (Not workarounds with stopping something hoping port range will be unreserved.)
  • Doug Cuthbertson
    Doug Cuthbertson almost 3 years
    Thanks so much! Those last three steps from an administrator command shell work for me. I run Hugo locally and normally it grabs port 1313, but lately it wasn't able to even after a reboot. Disabling Hyper-V as above, running netsh int ipv4 add excludedportrange protocol=tcp startport=1313 numberofports=2 store=persistent, re-enabling Hyper-V, and rebooting fixed it.
  • Venryx
    Venryx almost 3 years
    For my setup at least, the above fixes were just workarounds for the root problem, which was that the dynamic-ports range was set incorrectly on my pc. I found the solution here: stackoverflow.com/a/62359555/2441655

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Open a test TCP connection to a specified IP/Port
What are the default nmap options?
Open TCP port in Windows 7 and read incoming data, what program to use?
How do I find out which process is using up all the TCP connections?
System process is using a port, why? Windows 7
Network Traffic per process/application windows
Enabling or disabling NIC remotely with windows 2008
Is the same port acting as both client and server?
How do networking ports work? Can I configure the ports that client and server use?
How do I enable my network connection using command prompt?