How to change/view the ephemeral port range on Win

2019-01-26 13:01发布

In Linux I can view or change the ephemeral port range using the /proc/sys/net/ipv4/ip_local_port_range file.

How can I view or change the ephemeral port range on a Windows machine?

2条回答
【Aperson】
2楼-- · 2019-01-26 13:42

http://www.ncftp.com/ncftpd/doc/misc/ephemeral_ports.html#Windows says:

As of Windows Vista and Windows Server 2008, Windows now uses a large range (49152-65535) by default, according to Microsoft Knowledgebase Article 929851. That same article also shows how you can change the range if desired, but the default range is now sufficient for most servers.

For older Windows operating systems (Windows XP and older), Windows uses the traditional BSD range of 1024 through 4999 for its ephemeral port range. Unfortunately it appears that you can only set the upper bound of the ephemeral port range. Here is information excerpted from Microsoft Knowledgebase Article 196271:

  • Start Registry Editor (Regedt32.exe).
  • Locate the following key in the registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
  • On the Edit menu, click Add Value, and then add the following registry value:

    Value Name: MaxUserPort Data Type: REG_DWORD Value: 65534 <for example>

    Valid Range: 5000-65534 (decimal) Default: 0x1388 (5000 decimal)

    Description: This parameter controls the maximum port number used when an application requests any available user port from the system. Normally, ephemeral (that is, short-lived) ports are allocated between the values of 1024 and 5000 inclusive.

  • Quit Registry Editor.

Note: There is another relevant KB article (812873) which claims to allow you to set an exclusion range, which could mean that you could exclude ports 1024-9999 (for example) to have the ephemeral port range be 10000-65534. However, we have not been able to get this to work (as of October 2004).

查看更多
做自己的国王
3楼-- · 2019-01-26 13:45

ReservedPorts is not supported for versions > Windows Server 2003.

There is a hotfix to add the missing functionality via netsh.

http://support.microsoft.com/kb/2665809

查看更多
登录 后发表回答