Windows 2008 Port Exhaustion issues
Posted on 2011-04-27
I have a single domain forest with Windows 2003/2008 Domain controllers. I recently upgraded one of my remotes sites from windows 2003 to 2008. Its Windows 2008 Standard Server with SP2, latest updates. It is a domain controller. this is one of several other sites I have upgraded but the only one with this issue. It was fine for the first couple of weeks then I started getting a lot of AD erros in the event log, I was losing connectivity to DS and not able to replicate. I wasn't even able to open up ADUC without an error. I could not run dcdiag or netdom or repadmin without getting ldap down errors. I can reboot and the issues clear up for about a day then come back and connectivity start failing again.
With further investigation and running some netstat commands I was seeing that I was getting thousands of SMS Port 445 connections to the point of Port Exhaustion and windows would run out of ports and RPC would fail. I could not see what process or application was causing this. Again I could reboot, things would clear up, run netstat and see Port 445 connections slowly climbing. I have a ticket open with microsoft but it is slow going. Already ran wireshark trying to capture what is happening.
This server does not face the internet by the way.
Has anyone seen or had this issue? Please let me know if you need further information