Overnight (2022-09-15) a personal Windows machine I have running a few Docker services rebooted, and the Docker containers failed to bind to ports:
Attaching to gitlab-gitlab-1
Error response from daemon: Ports are not available: exposing port TCP 0.0.0.0:51443 -> 0.0.0.0:0: listen tcp 0.0.0.0:51443: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
A little research showed someone from a few years ago having the same issue, and it was caused by Microsoft updating their range of dynamic/excluded ports. This is to comply further with the Service Name and Transport Protocol Port Number Registry.
Using the command: netsh interface ipv4 show excludedportrange protocol=tcp
I can see the ports currently used to expose the services are overlapping with the excluded port range:
Start Port    End Port
----------    --------
      5357        5357
     50000       50059     *
     50593       50692
     50693       50792
     50793       50892
     50893       50992
     51064       51163
     51164       51263
     51264       51363
     51364       51463
     51464       51563
     51564       51663
     51664       51763
     51764       51863
     51864       51963
     51964       52063
     52064       52163
     52164       52263

* - Administered port exclusions.
Although it could be possible to adjust the excluded port ranges, the easiest solution is to change the port mappings.
For my particular setup this is a minor hassle since I have two firewall layers with a DMZ and am using Traefik as a load balancer. Still, the resolution isn't hard, just annoying.
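To check planned host ports against the excluded ranges before editing the port mappings, the netsh output above can be parsed and compared. This is an added example, not part of the original post; the function names are hypothetical and the embedded sample is a constructed subset of the rows shown above.

```python
import re
import subprocess
import sys

# Constructed sample: a few rows taken from the netsh output shown in the post.
SAMPLE = """\
Start Port    End Port
----------    --------
      5357        5357
     50000       50059     *
     51364       51463
     51464       51563
* - Administered port exclusions.
"""

def parse_excluded_ranges(text):
    """Return [(start, end, administered)] from 'show excludedportrange' output."""
    ranges = []
    for line in text.splitlines():
        m = re.match(r"^\s*(\d+)\s+(\d+)\s*(\*)?\s*$", line)
        if m:  # header, separator and footnote lines do not match
            ranges.append((int(m.group(1)), int(m.group(2)), m.group(3) is not None))
    return ranges

def find_conflicts(ports, ranges):
    """Map each requested host port to the excluded range that covers it."""
    return {p: (s, e) for p in ports for s, e, _ in ranges if s <= p <= e}

def next_free_port(start, ranges, upper=65535):
    """First port >= start outside every excluded range (ignores ports in use)."""
    port = start
    for s, e, _ in sorted(ranges):
        if s <= port <= e:
            port = e + 1  # jump past this exclusion and keep checking later ones
    return port if port <= upper else None

if __name__ == "__main__":
    if sys.platform == "win32":
        text = subprocess.run(
            ["netsh", "interface", "ipv4", "show", "excludedportrange", "protocol=tcp"],
            capture_output=True, text=True, check=True).stdout
    else:
        text = SAMPLE  # off Windows, fall back to the constructed sample
    ranges = parse_excluded_ranges(text)
    for port in [int(a) for a in sys.argv[1:]] or [51443]:
        hit = find_conflicts([port], ranges).get(port)
        print(f"{port}: excluded by {hit[0]}-{hit[1]}, next port outside all ranges: "
              f"{next_free_port(port, ranges)}" if hit else f"{port}: not excluded")
```

The check only covers the excluded ranges; a port it reports as usable can still be taken by another listener.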