How RPC Works
Hello guys, today I will share some ideas about how RPC works.
An RPC service configures itself in the registry with a universally unique identifier (UUID). UUIDs are well-known identifiers, unique for each service and common across all platforms. When an RPC service starts, it obtains a free high port and registers that port with the UUID. Some services use random high ports and others try to use the same high ports all the time (if they are available).
Below is the diagram that shows how RPC works.
When a client wants to communicate with a particular RPC service, it cannot determine in advance which port the service is running on. It establishes a connection to the server's portmapper service (on port 135) and requests the service it wants by using the service's UUID. The portmapper returns the corresponding port number to the client and closes the connection. Finally, the client makes a new connection to the server by using the port number it received from the portmapper.

Because it is impossible to know in advance which port an RPC service will use, the firewall must permit all high ports through (or the dynamic range must be restricted, as described in the articles linked further down).
When a program tries to connect to an RPC service, it requests a free port from the system. The system randomly picks a port number and gives it to the program requesting it. The default dynamic range is 1024-65535, and the system can hand out any available port from this range at random.
- KEY Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters
- Entry Name: TCPWindowSize
- Type: DWORD
- Value: 65535
Microsoft has increased the dynamic client port range for outgoing connections in Windows Vista and in Windows Server 2008. The new default start port is 49152, and the default end port is 65535. This is a change from the configuration of earlier versions of Windows that used a default port range of 1025 through 5000.
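To make the two-step lookup and its firewall consequence concrete, here is an added Python model of the flow described above. It is not code from the original post and it does not speak the real DCE/RPC protocol: the endpoint mapper is reduced to a UUID-to-port table, and the service UUIDs, the seed, and the firewall rule sets are constructed for illustration. The port numbers (135, 1025-5000, 49152-65535) are the ones quoted in the post.

```python
import random

EPM_PORT = 135                 # fixed endpoint-mapper (portmapper) port, from the post
LEGACY_RANGE = (1025, 5000)    # default dynamic range before Vista / Server 2008, from the post
MODERN_RANGE = (49152, 65535)  # default dynamic range from Vista / Server 2008 on, from the post

# Constructed UUIDs standing in for two RPC services (not real interface UUIDs).
SVC_RANDOM_PORT = "11111111-2222-3333-4444-555555555555"
SVC_FIXED_PORT = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"


class EndpointMapper:
    """Minimal stand-in for the RPC endpoint mapper: a UUID -> high-port table."""

    def __init__(self, dynamic_range=MODERN_RANGE, seed=None):
        self.low, self.high = dynamic_range
        self.rng = random.Random(seed)   # seeded only so the demo is reproducible
        self.bindings = {}               # service UUID -> port it registered
        self.in_use = set()

    def _pick_port(self, preferred):
        # A service that "tries to use the same high port" gets it when it is
        # inside the range and free; otherwise a random free port is chosen.
        if (preferred is not None and self.low <= preferred <= self.high
                and preferred not in self.in_use):
            return preferred
        free = [p for p in range(self.low, self.high + 1) if p not in self.in_use]
        if not free:
            raise RuntimeError("dynamic port range exhausted")
        return self.rng.choice(free)

    def register(self, service_uuid, preferred=None):
        """Service start-up: obtain a free high port and bind it to the UUID."""
        port = self._pick_port(preferred)
        self.in_use.add(port)
        self.bindings[service_uuid] = port
        return port

    def lookup(self, service_uuid):
        """The query a client sends to port 135: UUID in, port out (None if unregistered)."""
        return self.bindings.get(service_uuid)


def firewall_allows(port, allowed_ranges):
    """True if any (low, high) rule in the constructed policy covers the port."""
    return any(low <= port <= high for low, high in allowed_ranges)


def client_connect(mapper, service_uuid, allowed_ranges):
    """Two-step client flow: reach the mapper on 135, then the port it returns."""
    if not firewall_allows(EPM_PORT, allowed_ranges):
        return ("blocked", EPM_PORT)
    port = mapper.lookup(service_uuid)
    if port is None:
        return ("unknown-service", None)
    if not firewall_allows(port, allowed_ranges):
        return ("blocked", port)
    return ("connected", port)


def required_firewall_rule(mapper):
    """Smallest allow-list so the second step never fails: 135 plus the whole
    dynamic range, because the service port is not known in advance."""
    return [(EPM_PORT, EPM_PORT), (mapper.low, mapper.high)]


if __name__ == "__main__":
    epm = EndpointMapper(seed=7)
    epm.register(SVC_FIXED_PORT, preferred=49200)   # always tries the same high port
    epm.register(SVC_RANDOM_PORT)                   # random high port
    only_135 = [(EPM_PORT, EPM_PORT)]
    print(client_connect(epm, SVC_RANDOM_PORT, only_135))                     # blocked at step two
    print(client_connect(epm, SVC_RANDOM_PORT, required_firewall_rule(epm)))  # connected
```

Running it shows why a rule that opens only port 135 is not enough: the lookup succeeds but the follow-up connection to the returned high port is dropped. Narrowing `dynamic_range` (for example `EndpointMapper(dynamic_range=(5000, 5100))`) is the model's equivalent of restricting the RPC dynamic port range, and `required_firewall_rule` shrinks with it.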
Below are some KB articles with more details about RPC configuration in different scenarios.
How to configure RPC dynamic port allocation to work with firewalls
If you want to specify static ports for well-known services on a DC such as Netlogon, NTDS, FRS etc., then follow the articles below.
Restricting Active Directory replication traffic to a specific port
How to restrict FRS replication traffic to a specific static port