Disable Half-Open Tcp Connection Limit


Recommended Posts

I just stumpled upon this, a simple entry in the registry that lets you disable the half-open Tcp connection limit :laugh:

It's from an KB article on MS describing how you can enable it on Vista SP2/Win2008 SP2, since it's now by default disabled there.

On Win7, it can be used to disable the half-open Tcp limit :cool:

Simply open regedit and go here:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\

There, change the value of "EnableConnectionRateLimiting" to '0' to disable it.

The MS article says you need to reboot after the change, but it seems that with Win7, you don't have to.

Source (Author of Tcp-Z)

MS KB article

Link to comment
Share on other sites

thanks for the tip. have to create a new DWORD value "EnableConnectionRateLimiting"

love those direct registry tweaks :)

Edited by Nadja
Link to comment
Share on other sites

I used to patch tcpip.sys in XP but kept hearing conflicting reports about how effective this was. So now in 7 I've left it at the default limit of 10 and I've yet to get any 4226 EventIDs in Event Log. So is it really necessary to mess with the limit after all?

Link to comment
Share on other sites

7 doesn't have the limit by default, so the key is unnecessary.

Nonsense. Win7 (*all* builds until 7127!) have the usual limit of 10, as confirmed by Tcp-Z.

Perhaps they'll change that for Rtm, seeing as they disabled it for Vista SP2, but right now, it's still there.

Link to comment
Share on other sites

Are you sure about this?

tmp6513tmp.jpg

No, I'm not sure. :) I assumed that it was back-ported from Windows 7 to Vista SP2. Hopefully it will be there by RTM.

Link to comment
Share on other sites

I think it is done for torrenting reasons

Whaaaa? I have utorrent and don't have do anything as stupid as this for it to work!

Link to comment
Share on other sites

I think it is done for torrenting reasons

It's done to stop malware spreading (well, e-mail viruses that spam e-mails)

It doesn't effect torrent speeds (any half open connections over the limit just wait for a second, normal connections don't count)

Link to comment
Share on other sites

From the author of TCP-Z

Good news from Microsoft!

At May 6, 2009, In this article, Microsoft confirm that:

By default, the half-open TCP connections limit is disabled in Windows Server 2008 with Service Pack 2 (SP2) and in Windows Vista with Service Pack 2 (SP2).

Thank for this, my doubts about RateLimit long time ago has been solved by Microsoft's answer.

Last year, I found a case. In Vista, I can simply modify the value "TcpCreateAndConnectTcbRateLimitDepth" from 1 to 0 in the kernel memory, and then the Half-open TCP connections limit has been removed immediately!

But I am not sure whether this is a safe method. so, in tcp-z, this function never be active. TCP-Z only show this value.

After Vista 16670 and Windows 7 6956, Microsoft strangely set TcpCreateAndConnectTcbRateLimitDepth to 0 in default.

In latterly version of TCP-Z, it will show a lock icon to distinguish these difference.

Now, Microsoft answer: It's safe! and provide a simple modification method by registry.

When you add a registry entry "EnableConnectionRateLimiting", and set to 1 or 0, it will switch TcpCreateAndConnectTcbRateLimitDepth between 1/0 synchronously.

You can see the changes in the graph of TCP-Z.

After TcpCreateAndConnectTcbRateLimitDepth change to 1, Windows will calculate the create rate and do the limitation. In testing you can see the value is limited to 11.

This registry entry only works in Windows Server 2008 with SP2 / Windows Vista with SP2 / Window 7.

It is time to retire for me!

Link to comment
Share on other sites

OK, so I add a 32 bit D word registry key "EnableConnectionRateLimiting" set to "0" here: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\

and I no longer need to run the TCP-Z patch?

Will I use a Qword key for my 64 bit machines?

Link to comment
Share on other sites

OK, so I add a 32 bit D word registry key "EnableConnectionRateLimiting" set to "0" here: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\

and I no longer need to run the TCP-Z patch?

Yes. (You could still use it if you want the statistics, but there's no *need* to run it anymore with that reg entry)

Will I use a Qword key for my 64 bit machines?

No, always a Dword.

Link to comment
Share on other sites

  • 3 weeks later...

Sorry for the bump, but I have to ask, is the reg entry

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\EnableConnectionRateLimiting and then a DWORD entry TcpCreateAndConnectTcbRateLimitDepth with a value of 0,

or is it

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters and a DWORD entry EnableConnectionRateLimiting with a value of 0?

While Im here, anyone knows anything about EventID 4226 - TCP/IP has chosen to restrict the scale factor due to a network condition. This could be related to a problem in a network device and will cause degraded throughput.

Thanks!

Link to comment
Share on other sites

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters and a DWORD entry EnableConnectionRateLimiting with a value of 0?

Bob's yer uncle.

Link to comment
Share on other sites

Bob's yer uncle.

I dont know what to make of your answer but I assume that is the correct entry. So thanks, I actually entered the first one but later deleted it because I had two concurent BSODs I assumed were network related. Im gonna try this one and see how it goes.

But I dont understand where "TcpCreateAndConnectTcbRateLimitDepth" fits in all of this...

Link to comment
Share on other sites

Bob's yer uncle.

I wouldn't want to have Microsoft Bob for an uncle :x

http://en.wikipedia.org/wiki/Microsoft_Bob

bobboot.th.gif

Bob had a "scrumptious" dog named Rover :x

bobscrumptious.gif

Even though he was never fed properly and only lived on table scraps, he somehow survived and later plagued XP as a Search Assistant :x

But I dont understand where "TcpCreateAndConnectTcbRateLimitDepth" fits in all of this...

Simply, it *doesn't* fit.

Link to comment
Share on other sites

I dont know what to make of your answer......

"Bob's yer uncle" - slang for "There ya go", "That's the ticket", "Good to go", and the always popular "That is the correct answer".

:cool:

I wouldn't want to have Microsoft Bob for an uncle :x

Bite your tongue! :D

Link to comment
Share on other sites

OK, so Im a little bit smarter every day, today thanks to you, ha ha ha. But really, I thought you were being mean or something... you usually only learn the official version of another language.

So yeah, thanks for help!

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.