Is there any way to narrow down dynamic port range between Exchange 2010 CAS and Exchange 2010 CAS MBX servers communication
Hello there, We are looking a way to narrow down a port range used for Exchange 2010 SP2 CAS and Exchange 2010 SP2 MBX commnucation. Anyone has any comment about this: Doable or not, advantage or disadvantage? Note: I am not talking about Outlook static mapping port and CAS. Exchange 2010 SP2, Windows 2008 R2 SP1. I have checked following MS links: The Client Access servers use many ports to communicate with Mailbox servers. With some exceptions, those ports are determined by the RPC service and aren't fixed. http://technet.microsoft.com/en-us/library/bb331973.aspx By default Windows Server 2008 and 2008 R2 are configured with a dynamic RPC range of 49152-65535 for outbound connections. Earlier versions of Windows Server by default used port 1025-65535 (for more details about this change see Microsoft KB article (http://support.microsoft.com/kb/929851 ) Also, when the Exchange 2010 Client Access server role is installed on Windows Server 2008 or 2008 R2, the dynamic RPC port range is changed to 6005-59530 (previous version using 1025-65535) and the highest usable port number is set to 60554. and the following link about to change port range for Microsoft RPC: http://zmq503o1.wordpress.com/2005/07/20/limiting-rpc-port-mapper-service-ports/ Thanks in advance!
June 5th, 2012 10:50am

I have a comment. I think what you're trying to do is unsupported.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
Free Windows Admin Tool Kit Click here and download it now
June 6th, 2012 1:08am

I have a comment. I think what you're trying to do is unsupported.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
June 6th, 2012 1:08am

I have a comment. I think what you're trying to do is unsupported.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
Free Windows Admin Tool Kit Click here and download it now
June 6th, 2012 1:15am

According to Ed's post: just in case you plan to place a CAS server into a DMZ -> Microsoft stated officially in one of my own past advisory calls that filtering between CAS and MBX is not supported. Regards, MarkusMCSE:Messaging
June 6th, 2012 5:04am

According to Ed's post: just in case you plan to place a CAS server into a DMZ -> Microsoft stated officially in one of my own past advisory calls that filtering between CAS and MBX is not supported. Regards, MarkusMCSE:Messaging
Free Windows Admin Tool Kit Click here and download it now
June 6th, 2012 5:04am

According to Ed's post: just in case you plan to place a CAS server into a DMZ -> Microsoft stated officially in one of my own past advisory calls that filtering between CAS and MBX is not supported. Regards, MarkusMCSE:Messaging
June 6th, 2012 5:12am

Here is a related thread for you, hope can give you some help: Reducing the dynamic ports range between Exchange 2010 servers? http://social.technet.microsoft.com/Forums/en-US/exchangesvrdeploy/thread/0620f0d8-dc06-43db-a9fe-282e7274f5a9 Thanks, Evan Evan Liu TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
June 6th, 2012 5:36am

Here is a related thread for you, hope can give you some help: Reducing the dynamic ports range between Exchange 2010 servers? http://social.technet.microsoft.com/Forums/en-US/exchangesvrdeploy/thread/0620f0d8-dc06-43db-a9fe-282e7274f5a9 Thanks, Evan Evan Liu TechNet Community Support
June 6th, 2012 5:44am

Thanks Evan! That's what I am looking for. BTW, do you know if it will cause any issue if we narrow it down to 1000? The poster mentioned, narrow it down to 250 should be OK.
Free Windows Admin Tool Kit Click here and download it now
June 6th, 2012 3:36pm

HI Exaadmin818, how many users do you have? I recommend you reserve 3 to 4 ports per users, 250 didn't work for us.
July 19th, 2012 9:44pm

HI Exaadmin818, how many users do you have? I recommend you reserve 3 to 4 ports per users, 250 didn't work for us.
Free Windows Admin Tool Kit Click here and download it now
July 19th, 2012 9:51pm

The range depends, keep in mind with win 2008 the rpc port range and the ephemeral port range is the same and shared unlike 2003, you need to take this into account when sizing the range. I was able to get by using 1000 ports 500 was too small and got bit. To size the range you need to use netstat. Here are the instructions when I sized my port range usage. Use netsh or regedit to determine the start/stop/number of ports the system is using for ephemeral/dynamic rpc ports.Then Open a command window netstat -an | findstr /v /c:"[" /c:"UDP" > output.txtnotepad output.txt In notepad press Ctrl+HIn the Find/Replace dialog, Find : (the colon), replace with (a single space character, no quotes)Press Ctrl+A, Ctrl+C Open Excel select cell A1, press Ctrl+V click Data to show the data ribbonclick Text to Columns in the Data ribbon to open the Text to Columns Wizard click Delimited, then NextIn the delimiters area, select the space checkbox deselect the others, click Next click Finish(Note: Normally, you will NOT be prompted to replace contents of destination cells. If you are, you may have made a mistake.) In Excel, click inside the netstat output you just worked withpress Ctrl+A In the Data ribbon click Filter In the Excel worksheet click on the drop-down for the Address column (which should be the local ports (the third column). )sort the table by this column, smallest to largest. Use the mouse to select ONLY the Address column (the one with the local ports)Press Ctrl+C, then Paste the Address column to a different worksheet in the workbook.Select the entire (new) Address column that you just pasted.In the Data ribbon click the Remove Duplicates button In the list of ports where you have just removed the duplicates, count the number of ports in the Address column that are inside the range the system is using. Thats how many ports are in use from the range James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
July 20th, 2012 10:41am

The range depends, keep in mind with win 2008 the rpc port range and the ephemeral port range is the same and shared unlike 2003, you need to take this into account when sizing the range. I was able to get by using 1000 ports 500 was too small and got bit. To size the range you need to use netstat. Here are the instructions when I sized my port range usage. Use netsh or regedit to determine the start/stop/number of ports the system is using for ephemeral/dynamic rpc ports.Then Open a command window netstat -an | findstr /v /c:"[" /c:"UDP" > output.txtnotepad output.txt In notepad press Ctrl+HIn the Find/Replace dialog, Find : (the colon), replace with (a single space character, no quotes)Press Ctrl+A, Ctrl+C Open Excel select cell A1, press Ctrl+V click Data to show the data ribbonclick Text to Columns in the Data ribbon to open the Text to Columns Wizard click Delimited, then NextIn the delimiters area, select the space checkbox deselect the others, click Next click Finish(Note: Normally, you will NOT be prompted to replace contents of destination cells. If you are, you may have made a mistake.) In Excel, click inside the netstat output you just worked withpress Ctrl+A In the Data ribbon click Filter In the Excel worksheet click on the drop-down for the Address column (which should be the local ports (the third column). )sort the table by this column, smallest to largest. Use the mouse to select ONLY the Address column (the one with the local ports)Press Ctrl+C, then Paste the Address column to a different worksheet in the workbook.Select the entire (new) Address column that you just pasted.In the Data ribbon click the Remove Duplicates button In the list of ports where you have just removed the duplicates, count the number of ports in the Address column that are inside the range the system is using. Thats how many ports are in use from the range James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
Free Windows Admin Tool Kit Click here and download it now
July 20th, 2012 10:41am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics