none
TCP Ports used by Cache Service preview

    Question

  • I'm experimenting with the Cache Service preview and am trying to access it from within our corporate network where most outbound ports are blocked. Can anyone tell me the entire range of TCP ports the Cache Service preview will attempt to use? I found this blog http://blogs.msdn.com/b/cie/archive/2013/10/18/unable-to-connect-to-cache-service-endpoint-due-to-port-blockage.aspx but it does not detail all the ports that could be used.

    I have found that yesterday I was experimenting and it was using port 22233, so based on that blog post I asked our IT group to open ports 22233 and 24233. Getting this permission is not trivial. Now today I find it failing because it is trying to use port 22234. Before I go back and ask for more ports from our IT group I really want to know the full range.

    Is this documented anywhere? And ideally I could control the ports, can I?

    Sunday, January 12, 2014 12:10 AM

Answers

  • I gave you the max port range that you can have with Cache Service so that if tomorrow you scale out your cache SKU you don't have to worry about opening the new port(s) again.

    You never get to control the ports with cache service. The reason of this constraint is when you provision a cache service endpoint it internally provisions VMs of appropriate sizes for you so that the endpoint front ends the request but the data is distributed across those VMs (as noted by ScottGu).

    So the way this works is when the client makes the very first connection to cache service it talks over port 24233 (non SSL) or 25233 (SSL) and then it downloads the internal topology of how many service instances are laid out for you. Every service instance would listen on a port, for non SSL it starts from 22233 and for SSL it starts from 23233 and since the client knows the instance ids it just adds instance ids to the starting port to determine the instance it wants to talk to.

    Every cache size unit corresponds to a VM internally hence total cache size divided by cache unit is the no. of VM provisioned and the ports.

    So if whatever max cache size you think you are going to have you can figure out the no. of VMs and ports. E.g. for five VMs the ports should be from 22233 to 22237 (non SSL) ...

    HTH


    Anurag Sharma

    • Marked as answer by Curious George Tuesday, January 14, 2014 1:13 AM
    Monday, January 13, 2014 6:33 PM
    Owner

All replies

  • Hello George,

    Here are the TCP ports that should be opened for outbound communication in your firewall/ proxy/ network

    NonSSL: 24233 and range 22233 to 22265

    SSL: 25233 and range 23233 to 23265

    What did you mean by controlling the ports ?


    Anurag Sharma

    Monday, January 13, 2014 7:19 AM
    Owner
  • Thanks Anurag. Wow, that range is much larger than I expected. By controlling the ports I was referring to some way through configuration to specify which port it would use, so that I could have my IT group open up just one or two ports, instead of that whole range. Is that possible?

    Monday, January 13, 2014 2:44 PM
  • I gave you the max port range that you can have with Cache Service so that if tomorrow you scale out your cache SKU you don't have to worry about opening the new port(s) again.

    You never get to control the ports with cache service. The reason of this constraint is when you provision a cache service endpoint it internally provisions VMs of appropriate sizes for you so that the endpoint front ends the request but the data is distributed across those VMs (as noted by ScottGu).

    So the way this works is when the client makes the very first connection to cache service it talks over port 24233 (non SSL) or 25233 (SSL) and then it downloads the internal topology of how many service instances are laid out for you. Every service instance would listen on a port, for non SSL it starts from 22233 and for SSL it starts from 23233 and since the client knows the instance ids it just adds instance ids to the starting port to determine the instance it wants to talk to.

    Every cache size unit corresponds to a VM internally hence total cache size divided by cache unit is the no. of VM provisioned and the ports.

    So if whatever max cache size you think you are going to have you can figure out the no. of VMs and ports. E.g. for five VMs the ports should be from 22233 to 22237 (non SSL) ...

    HTH


    Anurag Sharma

    • Marked as answer by Curious George Tuesday, January 14, 2014 1:13 AM
    Monday, January 13, 2014 6:33 PM
    Owner
  • Thank you so much for the very detailed answer Anurag. This is the kind of response I love from Microsoft, everything I need to know. And now I have some understanding of what is happening behind the scenes a little.

    Much appreciated!

    Tuesday, January 14, 2014 1:15 AM