On our NLB TMG cluster (TMG 2010 Enterprise SP2) we have a problem that on one server we have many dropped connections with a status code 10055 ( An operation on a socket could not be performed because the system lacked sufficient buffer space or because a queue was full.) This started with one alert: Event 14198: The Web Proxy filter failed to create a network socket because there are no available ports on this computer. Forefront TMG already reset the maximal port number to 65535. Make sure this is the value at HKLM\System\CurrentControlSet\Services\TcpIp\Parameters\MaxUsePort and restart the computer to apply this change.
According to some old fixes for ISA 2006 we should shorten time_wait period. But using netstat -ano and counting TCP sessions and time_wait sessions, we see about 8000 - 10000 TCP connections of which abouut 2000-3000 are time_wait. I don't think that that is too much.
We don't see a sudden increase of load.
What could cause these 10055 errors?