Does UDP Port 1434 need to be open for named instances with static TCP?
UDP 1434 is used for named SQL Server instances, and the SQL Browser service listens on this port for any incoming requests to a named SQL Server instance. The browser service will respond to the client with the TCP port no. for the requested named instance.
From BOL:
The SQL Server Browser service lets users connect to instances of the Database Engine that are not listening on port 1433, without knowing the port number.
To use SQL Server Browser, you must open UDP port 1434. To promote the most secure environment, leave the SQL Server Browser service stopped, and configure clients to connect using the port number.
-
It needs to be open if the port is not explicit in the connection string?
Yes. If the browser service is not running, you HAVE to specify servername,portNo
e.g. YourSecureSQLServerName,50101
If the port is static (which it appears to be), you can simply connect to port 50101 using tcp:<ip address of sql server/NAT/firewall>,50101 in your connection string. For example:
tcp:192.168.0.101,50101
You don't need 1434 open through the firewall, and some might consider that a dead giveaway that you have a SQL Server on 50101.
If you don't want to provide the port number in the connection string, then you could provide access to the SQL Browser service on UDP 1434, or you could, if using NAT to provide access to the SQL Server, open port 1433 and redirect it to 50101, and just use the name of the server in the connection string (i.e. no instance name).
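The rule the answers above describe, as an added example that is not part of the original posts: a small audit that reads client connection strings and reports whether any of them depends on SQL Browser (UDP 1434) and which TCP ports are dialled directly. It assumes TCP connections only and the `Data Source`/`Server` keys; the instance name `INST1` and the sample strings are constructed.

```python
import re

def classify_data_source(data_source):
    """Return (needs_browser, tcp_port) for a SQL Server Data Source value.

    needs_browser is True when the client must ask SQL Browser on UDP 1434
    for the instance's port. tcp_port is the port dialled directly, or None
    when it is only known after the Browser lookup.
    """
    value = re.sub(r"^tcp:", "", data_source.strip(), flags=re.IGNORECASE)
    host, _, port_text = value.partition(",")
    if port_text.strip():
        port = int(port_text)
        if not 1 <= port <= 65535:
            raise ValueError(f"invalid TCP port in {data_source!r}")
        return False, port        # explicit port: no Browser lookup
    if "\\" in host:
        return True, None         # server\instance without a port
    return False, 1433            # bare server name: default instance port

def data_source_of(connection_string):
    """Extract the Data Source / Server value from a connection string."""
    for pair in connection_string.split(";"):
        key, _, val = pair.partition("=")
        if key.strip().lower() in ("data source", "server"):
            return val.strip()
    raise ValueError("connection string has no Data Source/Server key")

def firewall_needs(connection_strings):
    """Summarise what the firewall must allow for these clients."""
    tcp_ports, udp_1434 = set(), False
    for cs in connection_strings:
        needs_browser, port = classify_data_source(data_source_of(cs))
        udp_1434 = udp_1434 or needs_browser
        if port is not None:
            tcp_ports.add(port)
    return {"udp_1434": udp_1434, "tcp_ports": sorted(tcp_ports)}

# Constructed sample connection strings (not from the original page).
SAMPLES = [
    "Server=tcp:192.168.0.101,50101;Database=app;Integrated Security=SSPI",
    "Data Source=YourSecureSQLServerName,50101;Initial Catalog=app",
    "Data Source=YourSecureSQLServerName\\INST1;Initial Catalog=app",
    "Server=YourSecureSQLServerName;Database=app",
]

if __name__ == "__main__":
    print(firewall_needs(SAMPLES))
```

If `udp_1434` comes back `False` for every client you support, the Browser service can stay stopped and UDP 1434 can stay closed at the firewall.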