Skip to main content
R
RockerNJ
Inspiring
June 9, 2025
Answered

Too many established TCP ports

  • June 9, 2025
  • 1 reply
  • 5039 views

I have a server running 7 instances of CF (6 sites plus root instance).  If I run a NetStat, I generally see about 1800 ports as "ESTABLISHED"  (see below for a sample).  Why so many ports connected to itself?

 

Ultimately what happens is the server just kind of dies because it can't establish any more sockets.  I don't think it's "port exhaustion" because I see the total number of connections staying around that 1800 mark, and there aren't piles of TIME_WAIT entries.

 

What I THINK is happening, is, as this issue is cycling through ports, it gets to a 65535 ceiling and is not looping back to lower ports, thus killing connectivity.

 

Any thoughts on what's going on here?

 

TCP 127.0.0.1:49890 site01-wf:49891 ESTABLISHED
TCP 127.0.0.1:49891 site01-wf:49890 ESTABLISHED
TCP 127.0.0.1:49892 site01-wf:49893 ESTABLISHED
TCP 127.0.0.1:49893 site01-wf:49892 ESTABLISHED
TCP 127.0.0.1:49894 site01-wf:49895 ESTABLISHED
TCP 127.0.0.1:49895 site01-wf:49894 ESTABLISHED
TCP 127.0.0.1:49896 site01-wf:49897 ESTABLISHED
TCP 127.0.0.1:49897 site01-wf:49896 ESTABLISHED
TCP 127.0.0.1:49898 site01-wf:49899 ESTABLISHED
TCP 127.0.0.1:49899 site01-wf:49898 ESTABLISHED
TCP 127.0.0.1:49900 site01-wf:49901 ESTABLISHED
TCP 127.0.0.1:49901 site01-wf:49900 ESTABLISHED

    Correct answer RockerNJ

    Very interesting to hear. Looking forward to further news as it becomes available. 


    Just a followup for you guys since you've all been awesome with helping.  Updating these settings seems to have fixed the problem (at least so far).  No crashes since making the update!

     

    netsh int ipv4 set dynamicport tcp start=32767 num=32768

    netsh int ipv6 set dynamicport tcp start=32767 num=32768

     

    and a registry edit:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

    TcpTimedWaitDelay

    REG_DWORD

    Value: 30

    1 reply

    BKBK
    Community Expert
    BKBKCommunity Expert
    Community Expert
    June 10, 2025

    First of all, what is your:

    • Operating System?
    • ColdFusion version and update level?
    R
    RockerNJAuthor
    Inspiring
    June 10, 2025

    Windows Server 2022 Datacenter

    Coldfusion 2021 + Hotfix20

    BKBK
    Community Expert
    BKBKCommunity Expert
    Community Expert
    June 10, 2025

    Thanks for the information.

     

    The Netstat result is indeed a red flag. The connections are not short-lived (going into TIME_WAIT or closing). Instead, they remain ESTABLISHED. That suggests 2 issues.

     

    Firstly, there might be an infinite loop between 2 servers. The servers are 127.0.0.1 ("localhost") and "site01-wf".  It is likely that, between them, HTTP calls are being generated in a loop. 

     

    To see the process that is running on each of the "Established" sockets:

    1.  Open the Command Prompt (cmd) as Administrator;
    2.  Run the DOS command netstat -anob ;
    3.  Scroll to the lines that resemble the ones you've shown in your first post. The output within each pair of square-brackets is the name of the process that is running. What processes do you see?  

     

    Secondly, there seems to be duplication in the configuration of the local machine. The same machine seems to have been doubly configured as two separate servers, Localhost(127.0.0.1) and Site01-wf .  Because of the incorrect configuration, pairs of connections, such as

    TCP 127.0.0.1:49890 site01-wf:49891 ESTABLISHED
TCP 127.0.0.1:49891 site01-wf:49890 ESTABLISHED

    are actually connections from one server to itself (127.0.0.1:49890 -> 127.0.0.1:49891 -> 127.0.0.1:49890 )

    TCP 127.0.0.1:49890 127.0.0.1:49891 ESTABLISHED
TCP 127.0.0.1:49891 127.0.0.1:49890 ESTABLISHED

or, equivalently,

TCP site01-wf:49890 site01-wf:49891 ESTABLISHED
TCP site01-wf:49891 site01-wf:49890 ESTABLISHED

     

     

     

     

    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices