Recommended Posts

I just stumpled upon this, a simple entry in the registry that lets you disable the half-open Tcp connection limit :laugh:

It's from an KB article on MS describing how you can enable it on Vista SP2/Win2008 SP2, since it's now by default disabled there.

On Win7, it can be used to disable the half-open Tcp limit :cool:

Simply open regedit and go here:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\

There, change the value of "EnableConnectionRateLimiting" to '0' to disable it.

The MS article says you need to reboot after the change, but it seems that with Win7, you don't have to.

Source (Author of Tcp-Z)

MS KB article

I used to patch tcpip.sys in XP but kept hearing conflicting reports about how effective this was. So now in 7 I've left it at the default limit of 10 and I've yet to get any 4226 EventIDs in Event Log. So is it really necessary to mess with the limit after all?

  GreyWolfSC said:
7 doesn't have the limit by default, so the key is unnecessary.

Nonsense. Win7 (*all* builds until 7127!) have the usual limit of 10, as confirmed by Tcp-Z.

Perhaps they'll change that for Rtm, seeing as they disabled it for Vista SP2, but right now, it's still there.

  ak03 said:
I think it is done for torrenting reasons

It's done to stop malware spreading (well, e-mail viruses that spam e-mails)

It doesn't effect torrent speeds (any half open connections over the limit just wait for a second, normal connections don't count)

From the author of TCP-Z

  Quote
Good news from Microsoft!

At May 6, 2009, In this article, Microsoft confirm that:

By default, the half-open TCP connections limit is disabled in Windows Server 2008 with Service Pack 2 (SP2) and in Windows Vista with Service Pack 2 (SP2).

Thank for this, my doubts about RateLimit long time ago has been solved by Microsoft's answer.

Last year, I found a case. In Vista, I can simply modify the value "TcpCreateAndConnectTcbRateLimitDepth" from 1 to 0 in the kernel memory, and then the Half-open TCP connections limit has been removed immediately!

But I am not sure whether this is a safe method. so, in tcp-z, this function never be active. TCP-Z only show this value.

After Vista 16670 and Windows 7 6956, Microsoft strangely set TcpCreateAndConnectTcbRateLimitDepth to 0 in default.

In latterly version of TCP-Z, it will show a lock icon to distinguish these difference.

Now, Microsoft answer: It's safe! and provide a simple modification method by registry.

When you add a registry entry "EnableConnectionRateLimiting", and set to 1 or 0, it will switch TcpCreateAndConnectTcbRateLimitDepth between 1/0 synchronously.

You can see the changes in the graph of TCP-Z.

After TcpCreateAndConnectTcbRateLimitDepth change to 1, Windows will calculate the create rate and do the limitation. In testing you can see the value is limited to 11.

This registry entry only works in Windows Server 2008 with SP2 / Windows Vista with SP2 / Window 7.

It is time to retire for me!

  gregrocker said:
OK, so I add a 32 bit D word registry key "EnableConnectionRateLimiting" set to "0" here: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\

and I no longer need to run the TCP-Z patch?

Yes. (You could still use it if you want the statistics, but there's no *need* to run it anymore with that reg entry)

  gregrocker said:
Will I use a Qword key for my 64 bit machines?

No, always a Dword.

  • 3 weeks later...

Sorry for the bump, but I have to ask, is the reg entry

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\EnableConnectionRateLimiting and then a DWORD entry TcpCreateAndConnectTcbRateLimitDepth with a value of 0,

or is it

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters and a DWORD entry EnableConnectionRateLimiting with a value of 0?

While Im here, anyone knows anything about EventID 4226 - TCP/IP has chosen to restrict the scale factor due to a network condition. This could be related to a problem in a network device and will cause degraded throughput.

Thanks!

  Satchmo Bevins said:
Bob's yer uncle.

I dont know what to make of your answer but I assume that is the correct entry. So thanks, I actually entered the first one but later deleted it because I had two concurent BSODs I assumed were network related. Im gonna try this one and see how it goes.

But I dont understand where "TcpCreateAndConnectTcbRateLimitDepth" fits in all of this...

  Satchmo Bevins said:
Bob's yer uncle.

I wouldn't want to have Microsoft Bob for an uncle :x

http://en.wikipedia.org/wiki/Microsoft_Bob

bobboot.th.gif

Bob had a "scrumptious" dog named Rover :x

bobscrumptious.gif

Even though he was never fed properly and only lived on table scraps, he somehow survived and later plagued XP as a Search Assistant :x

  Naala said:
But I dont understand where "TcpCreateAndConnectTcbRateLimitDepth" fits in all of this...

Simply, it *doesn't* fit.

  Naala said:
I dont know what to make of your answer......

"Bob's yer uncle" - slang for "There ya go", "That's the ticket", "Good to go", and the always popular "That is the correct answer".

:cool:

  Lord Ba said:
I wouldn't want to have Microsoft Bob for an uncle :x

Bite your tongue! :D

  spinning_quirK said:
Yes, he's sure about it, because there is no lock icon at the top right corner of the Vista orb.

http://www.mydigitallife.info/2009/06/07/h...patch-required/

Indeed. It also says so on the Tcp-Z homepage itself that there's no patch required :yes:

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • They pulled this same crap with Google Workspace. "hey you get AI now so we are raising your prices". I disabled it for my org but we still have to pay. F this stupid 1984 tiny hat spy crap.
    • Samsung could unveil its Galaxy XR headset ‘Project Moohan' in September by Sagar Naresh Bhavsar Next month, Samsung is expected to unveil the Galaxy Z Fold7, the Galaxy Z Flip7, and an affordable Galaxy Z Flip7 FE, along with the Galaxy Watch8 series. However, the launches don't end there. A fresh report out of South Korea hints that Samsung could launch its much-awaited Galaxy XR augmented reality headset in September. The company has codenamed its first XR headset as "Project Moohan," which translates to "Project Infinite." Samsung has already showcased the Galaxy XR headset a few times in the past. In fact, popular tech YouTuber Marques Brownlee - also known as MKBHD -, got his hands on the Galaxy XR and revealed interesting details about the upcoming device. The Galaxy XR is rumored to come with a sharper display compared to the Apple Vision Pro and run on Google's new operating system for AR and VR headsets, the Android XR. Fast forward to now, Korean publication Newspim reports that Samsung is ready to launch the Galaxy XR headset on September 29 in its home country. Notably, the headset will be unveiled at an Unpacked event and later will go on sale on October 13. Globally, the Galaxy XR headset is expected to launch soon afterwards, though any specific date isn't mentioned. Additionally, the report suggests that fans can expect more teaser videos and prototypes of the headset at the upcoming Unpacked event for the Galaxy Z Fold7 and Flip7. The report also spills some details about the specifications of the Galaxy XR headset. Under the hood, it could run on Qualcomm's new XR2+ Gen 2 chip, made using Samsung's 4nm process. Samsung is also expected to introduce tight integration with its Galaxy ecosystem to offer a connected experience. It will be interesting to see how Samsung holds up against the likes of Meta, which already dominates the XR market, while Apple struggles with high Vision Pro prices.
    • I've put it behind a login for the time being.  I had something like 600,000 requests from just from Alibaba IP addresses that didn't clarify they were bots or scrapers, and so not easy to block using user agent filtering.  I didn't have any issues with bandwidth or accessibility, but that's 600,000 requests just from one cloud provider made to my spinning rust hard drives, that I have to personally pay for when they die, by bots being ran by corrupt mega corporations ignoring my polite requests that they not scrape me and that the information only be accessed by real humans. If any of y'all here were actually using my Kiwix mirror, I have no issue whatsoever creating a username and password for you, just hit me up using one of the methods listed on my personal site and I'll make one for you. https://marcusadams.me
    • I always turn encryption off 1st boot, crazy its on by default on new computers, it should ASK you ON or OFF on 1st boot,, So many people dont even know its on , then forget their windows login and microsoft account,, RETarDED Microsoft is now, , i also find having it on slows things down too
    • Adding AI is just an excuse to hike prices. I don't want any AI features in our Slack workspace and yet will have to pay for it.
  • Recent Achievements

    • Week One Done
      vivetool earned a badge
      Week One Done
    • Reacting Well
      pnajbar earned a badge
      Reacting Well
    • Week One Done
      TBithoney earned a badge
      Week One Done
    • First Post
      xuxlix earned a badge
      First Post
    • First Post
      Tomek Święcicki earned a badge
      First Post
  • Popular Contributors

    1. 1
      +primortal
      672
    2. 2
      ATLien_0
      288
    3. 3
      Michael Scrip
      223
    4. 4
      +FloatingFatMan
      195
    5. 5
      Steven P.
      143
  • Tell a friend

    Love Neowin? Tell a friend!