Many excludedportranges how to delete - hyper-v is disabled

windows-10 networking

I found an answer at this GitHub comment: you might try

net stop winnat

to free the port. This worked for you in Windows 10 2004, and for me in Windows 10 20H2.

(In earlier version of Windows, I was successful with one of the following, compare How can I know what is preventing my socket to bind to localhost:50060-50959).

net stop LanmanWorkstation
net stop WlanSvc
net stop WwanSvc

While that may disconnect your network, don't despair. Because, if one of the above works for you, you may try the following once to fix this permanently:

netsh int ipv4 add excludedportrange protocol=tcp startport=50323 numberofports=1

(adapt the startport and the numberofports to your needs - also, consider ipv6 if needed).

This should survive a net start of the corresponding service as well as a reboot, as you can check using

netsh interface ipv4 show excludedportrange protocol=tcp

If this outputs

Protocol tcp Port Exclusion Ranges

Start Port    End Port
----------    --------
[...]
     50145       50244
     50323       50323     *
     50324       50423
[...]
* - Administered port exclusions.

you should be good for a while.


It seems to be related to Hyper-V issues described here:

  1. https://stackoverflow.com/a/63723105/3234715
  2. https://github.com/docker/for-win/issues/3171
  3. https://gist.github.com/strayge/481a77d31a94e133a76662877b1a90ca#another-workaround

I've added the registry key:

reg add HKLM\SYSTEM\CurrentControlSet\Services\hns\State /v EnableExcludedPortRange /d 0 /f

Which cleared most of the reserved ports (there are many reserved ranges such as 1612-2111, 2180-2779, etc..)


The answer by @yoshpe (relating to Hyper-V) is one potential cause of the issue.

However, the issue was different for me. In my case, it's because Windows started with its "dynamic ports" configured to start at port 1025 and end at port 5000. Because of this, when Docker Desktop started up, it would reserve its ports within the 1025-5000 port range, which was (sometimes!) conflicting with the ports that my own programs were configured to reserve/use. (for port-forwarding from my local Kubernetes cluster to localhost)

To see if your dynamic-ports is set incorrectly, you can run:

netsh int ipv4 show dynamicport tcp

If you see Start Port: 1025, then the dynamic-ports range is misconfigured. To fix it, you'll need to set it to a more sensible range -- avoiding the <10k ports. (which is typically where devs place their own apps)

To set it to the recommended range: (if your issue is with ipv6, then adjust the command accordingly)

netsh int ipv4 set dynamic tcp start=49152 num=16384

For more info, see here: https://stackoverflow.com/a/62359555/2441655

Related

Which lightweight HTTP or FTP Server is good for simple file transfer? [closed]
How can I run a program remotely via SSH but display locally
Use runas with a domain account on a non-domain machine in Windows 2k/XP/Vista/7
Apply styling and formating to XML in MS Word?
Escape non-printing characters in a function for a Bash prompt
Is it safe to use a regular marker (Sharpie, etc.) to write on a CD-R disc?
Emacs keybindings in zsh not working (Ctrl-A, Ctrl-E)
In Outlook 2013, is there a way to run AutoArchive immediately?
What is a word to describe a person who wears several masks?
Difference between "everlasting" and "eternal"
What do we call parents who lose their child? [duplicate]
Why is "appreciate" pronounced as though the "c" is an "sh"?