1.877.833.1202

Windows server tuning - Port exhaustion

This support article provides solutions on what to do when you see an error in the Windows Server event viewer that contains:

Error Message : Only one usage of each socket address (protocol/network address/port) is normally permitted.

At the bottom of this support article is a listing of event ID's that can be an indicator that this is occurring.  Each of these events will display a similar error:  TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host. 

Explanation of Issue

On Windows Server with ASP, .NET, IIS, etc - there is  normally only one (1) permitted usage of each socket address (protocol/network address/port). When a client initiates a TCP/IP socket connection to a server the client typically connects to a specific port on the server and requests that the server respond to the client on a TCP or UDP port chosen from an available pool of ports. Under certain conditions it is possible that the available ports in the default range will be exhausted. A new client connection will be refused if all ports are used and a message will be written to the event log.

Why this happens   

TCP/IP port exhaustion can occur on a client computer if the client computer is engaging in an unusually high number of TCIP/IP socket connections with a Server application. When a FileHold Server application is very busy with client requests, each FileHold client is making repeated, authenticated calls to the FileHold server application, and consequently there is repeated and continuous open and closing of connections. A client connection is comprised of 5 parts ( Protocol, Local IP, Local Port, Remote IP, Remote Port).

The default for available ports varies by Windows version, but more can generally be enabled as needed. On a very busy server the FileHold application can run into these port bottlenecks within the Windows server.

If all of the available ports are allocated to FileHold client sessions then new clients experience a condition known as TCP/IP port exhaustion. When TCP/IP port exhaustion occurs client port reservations cannot be made and errors will occur in client applications that attempt to connect to a server via TCP/IP sockets. TCP/IP port exhaustion is more likely to occur under high load conditions than under normal load conditions. It can also be an indicator that the server hardware is underpowered and not adequate for the job.

Microsoft provides a nice article on how to trouble shoot and resolve port exhaustion issues.

https://docs.microsoft.com/en-us/windows/client-management/troubleshoot-tcpip-port-exhaust

Listing of Event ID's

Source

Event ID

Value

199, 100

Description

Only one usage of each socket address (protocol/network address/port) is normally permitted

 

Source

Event ID

Value

5000

Description

P1 acceleratorservice.exe, P2 7.5.2.0, P3 475edacb, P4 mscorlib, P5 2.0.0.0, P6 471ebc5b, P7 416b, P8 27, P9 system.runtime.remoting.remoting

 

Source

Event ID

Value

293

Description

TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.

 

Source

Event ID

Value

288

Description

TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.

 

Source

Event ID

Value

323

Description

TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.

 

Source

Event ID

Value

312

Description

TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.

 

Source

Event ID

Value

223

Description

TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.

 

Source

Event ID

Value

291

Description

TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.

 

Source

Event ID

Value

141

Description

TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.

 

Source

Event ID

Value

177

Description

TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.