none
KB2553549 installing problem RRS feed

  • Pertanyaan

  • Hello. I have a problem. I have a Windows server enterprise edition on which i have installed WSUS server. The problem is that it opens connections with himself or with the domain controller until it remains without source-ports and cannot allow any new connections. I've searched the internet and found that this is a Windows problem and that i should get KB2553549 hotfix. I've tried to install this hotfix but Windows Update Standalone Installer tells me "The update does not apply to your system" (as you can see in the pic. Any ideas? I will attach a pic after i will get my account checked.

    Kamis, 17 Januari 2013 11.54

Jawaban

  • Hi Dragos,

    You know, this is a Romanian forum so we could simply write in Romanian but considering that this thread is started in English I guess it's fine.

    The message you received states that either the hotfix does not apply to your operating system or the server has already been patched. The KB you mentioned applies to operating systems like Vista/2008 and later but I guess you don't actually have 2003 version, right?

    What errors do you have in the Event Logs?

    You say you have a Windows Server Enterprise edition, but what version? The reason I ask is because by default, the dynamic port range in Windows Server 2003 was 1024-5000 for both TCP and UDP. In Windows Server 2008 (and Windows Vista), the dynamic port range is 49152-65535, for both TCP and UDP.

    You can use for example netstat -anob > c:\ports.txt to try and identify the application that is using those ports and see if you can troubleshoot anything from there.

    Here are some workarounds to this issue:

    1. Increase the number of dynamic ports that can be allocated to clients.

    First, as MS recommends you should backup your registry before making changes so be sure to do that.

    Start regedit, go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters and create a new DWORD value called MaxUserPort and in the value you can enter a decimal value between 5000 and 65534.

    Close regedit, then restart.

    Also keep note of this "Increasing the range of ephemeral ports used for client TCP/IP connections consumes Windows kernel memory. Do not increase the upper limit for this setting to a value higher than is required to accommodate client application socket connections so as to minimize unnecessary consumption of Windows kernel memory."

    2. Reduce the client TCP/IP socket connection timeout value from the default value of 240 seconds

    Again regedit, navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters create a new DWORD value called TcpTimedWaitDelay . The valid range of this value is 30 through 300 (decimal). The default value is 240.

    TcpTimedWaitDelay reduces the time a connection remains in TIME_WAIT state when the connection is being closed.

    Again, you must restart the computer after making the registry changes in order to apply.

    I hope the suggestions are helpful.


    http://mariusene.wordpress.com/

    • Ditandai sebagai Jawaban oleh Denis Chiurtu Senin, 28 Januari 2013 18.20
    Sabtu, 19 Januari 2013 20.37

Semua Balasan

  • Hi Dragos,

    You know, this is a Romanian forum so we could simply write in Romanian but considering that this thread is started in English I guess it's fine.

    The message you received states that either the hotfix does not apply to your operating system or the server has already been patched. The KB you mentioned applies to operating systems like Vista/2008 and later but I guess you don't actually have 2003 version, right?

    What errors do you have in the Event Logs?

    You say you have a Windows Server Enterprise edition, but what version? The reason I ask is because by default, the dynamic port range in Windows Server 2003 was 1024-5000 for both TCP and UDP. In Windows Server 2008 (and Windows Vista), the dynamic port range is 49152-65535, for both TCP and UDP.

    You can use for example netstat -anob > c:\ports.txt to try and identify the application that is using those ports and see if you can troubleshoot anything from there.

    Here are some workarounds to this issue:

    1. Increase the number of dynamic ports that can be allocated to clients.

    First, as MS recommends you should backup your registry before making changes so be sure to do that.

    Start regedit, go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters and create a new DWORD value called MaxUserPort and in the value you can enter a decimal value between 5000 and 65534.

    Close regedit, then restart.

    Also keep note of this "Increasing the range of ephemeral ports used for client TCP/IP connections consumes Windows kernel memory. Do not increase the upper limit for this setting to a value higher than is required to accommodate client application socket connections so as to minimize unnecessary consumption of Windows kernel memory."

    2. Reduce the client TCP/IP socket connection timeout value from the default value of 240 seconds

    Again regedit, navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters create a new DWORD value called TcpTimedWaitDelay . The valid range of this value is 30 through 300 (decimal). The default value is 240.

    TcpTimedWaitDelay reduces the time a connection remains in TIME_WAIT state when the connection is being closed.

    Again, you must restart the computer after making the registry changes in order to apply.

    I hope the suggestions are helpful.


    http://mariusene.wordpress.com/

    • Ditandai sebagai Jawaban oleh Denis Chiurtu Senin, 28 Januari 2013 18.20
    Sabtu, 19 Januari 2013 20.37
  • Senin, 28 Januari 2013 10.37