I am trying to wrap my head around this. I am making a business-specific messaging application; it is going to connect between 5000 and 10,000 machines back to our datacenter via WCF (no VPNs, all over the net). It is mainly for alerts and I need to be able to send messages directly to specific clients, and WCF allows me to do all of this with a Duplex contract, but with this many clients it got me thinking about maxing out the TCP port space of 65535 ports.

I am going to assume that all inbound connections are going to come in over whatever port I choose, but outbounds back to the clients are going to take one port each. I am curious if the WCF port sharing service does anything to solve this issue or if it's just 65535 ports to an IP address? For that matter, how do MSN Messenger and the like deal with this situation? Granted I may never reach it, but I am getting in the realm at least.

Or does the WCF duplex contract on the service end keep the port open for the callback for the duration of the client, or does it release it?

+3  A: 

I think each port is actually a combination of DestinationTCPAddress and Port Number - so you won't run out.

I.e. you can have several subscribers all being talked to on the same source port. It just becomes a matter of capacity.

Brody

+2  A:

It is still pretty easy to drain the default TCP stack in a high open/close transaction environment, e.g. a socket server serving non-persistent connections.

This is exacerbated by the default TIME-WAIT delay - the amount of time that a socket has to be closed before being recycled - this defaults to 90s (if I remember right).

To recycle some bits from one of my other threads - there are a bunch of registry keys that can be tweaked - suggest at least the following keys are created/edited:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

TcpTimedWaitDelay = 30
MaxUserPort = 65534 
MaxHashTableSize = 65536 
MaxFreeTcbs = 16000

Plenty of docs on MSDN & Technet about the function of these keys. e.g.

http://technet.microsoft.com/en-us/library/cc776295.aspx

It is pretty common to tweak these keys for socket server applications e.g. SQL, Biztalk, IIS etc.

stephbu

+2  A:

If these connections are all going to be concurrent then you will need to ensure that your firewall can cope with that many connections at once.

Stateful firewalls need to record each ongoing connection going through them so that they can tell whether subsequent packets are permitted. It's not uncommon for small firewalls to have session limits in the hundreds.

Alnitak

+2  A:

Connections are distinct (at least at the IP layer) by source address, destination address, source port, and destination port. Some sort of OS limitation on the maximum number of connections may become an issue, but don't get hung up on the idea that the port numbers themselves are any sort of realistic limitation.

Brian Knoblauch
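
The point made in the answers above (a connection is identified by source address, source port, destination address and destination port, so one listening port can serve many clients) can be checked on a single machine. This is an added example, not code from the thread; the function names and the count of 100 loopback connections are assumptions chosen for illustration.

```python
import socket

def open_connections(n=100):
    """Accept n concurrent loopback connections on ONE listening port."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))   # port 0: let the OS pick a free port
    listener.listen(n)
    listen_port = listener.getsockname()[1]
    clients, accepted = [], []
    for _ in range(n):
        # Connect and accept one at a time so clients[i] pairs with accepted[i].
        c = socket.create_connection(("127.0.0.1", listen_port))
        s, _peer = listener.accept()
        clients.append(c)
        accepted.append(s)
    listener.close()
    return listen_port, accepted, clients

def summarize(n=100):
    """Count the ports and 4-tuples used by n simultaneous connections."""
    listen_port, accepted, clients = open_connections(n)
    try:
        # Server-side view: (local addr, local port, remote addr, remote port)
        four_tuples = {s.getsockname() + s.getpeername() for s in accepted}
        server_ports = {s.getsockname()[1] for s in accepted}
        client_ports = {c.getsockname()[1] for c in clients}
        # The server talks back on the accepted socket; no new port is used.
        accepted[0].sendall(b"alert")
        reply = clients[0].recv(5)
        return {
            "listen_port": listen_port,
            "server_local_ports": len(server_ports),  # distinct server ports
            "unique_4tuples": len(four_tuples),       # distinct connections
            "client_ports": len(client_ports),        # one ephemeral port each
            "server_port_is_listen_port": server_ports == {listen_port},
            "reply": reply,
        }
    finally:
        for sock in accepted + clients:
            sock.close()

if __name__ == "__main__":
    for key, value in summarize().items():
        print(f"{key}: {value}")
```

Every accepted socket reports the listener's port as its local port; only the remote half of the tuple differs. The limits that remain are the ones the other answers name: per-connection state in the OS and in any stateful firewall on the path.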