All Products
Search

This Product

    :The ECS instance fails to connect to the internal or public server port multiple times

    Document Center

    :The ECS instance fails to connect to the internal or public server port multiple times

    Last Updated:Dec 30, 2020

    Problem description

    The internal and public ports (any port cannot be connected) that cannot be connected to the server on the ECS instance for several times. However, the ping succeeds. After a period of time, the connection is automatically restored. When viewing the system log, you may find the following information.

    TCP/IP cannot establish an outgoing connection because the selected local endpoint was recently used to connect to the same remote endpoint. This error usually occurs when outgoing connections are opened and closed at a high rate, which causes all available local ports to be used and forces TCP/IP to reuse the local port for outgoing connections. To minimize the risk of data corruption, TCP/IP standards need to wait for the shortest period of time in a continuous connection between a given local endpoint and a given remote endpoint.

    Solution

    Alibaba Cloud reminds you that:

    • Before you perform operations that may cause risks, such as modifying instance configurations or data, we recommend that you check the disaster recovery and fault tolerance capabilities of the instances to ensure data security.
    • You can modify the configurations and data of instances including but not limited to Elastic Compute Service (ECS) and Relational Database Service (RDS) instances. Before the modification, we recommend that you create snapshots or enable RDS log backup.
    • If you have authorized or submitted sensitive information such as the logon account and password in the Alibaba Cloud Management Console, we recommend that you modify such information in a timely manner.
    1. Modify the TCP port restriction at the OS level by changing the registry and set the TcpTimeWaitDelay to 30 seconds and the MaxUserPort to 65500 seconds. This can increase the number of TCP connections at the operating system level, because if the number of TCP connections is full, new connections cannot be established.
      Note: for specific adjustment data, please refer to the actual environment.
    2. To modify the registry, you must restart the server for the configuration to take effect. If you do not restart the server, you can only try to temporarily increase the number of ports. Open the command prompt and run the following commands to increase the number of ports: 
      netsh int ipv4 set dyn tcp [$Start_Num] [$Num_Range]
      Note:
      • [$Start_Num] is the startup port.
      • [$Num_Range] indicates the number of ports.

    Scope

    • Elastic Compute Service