Say Bye To Half-open TCP Connections Limit In Vista/2008 SP2
Thursday, May 7, 2009
Good news from Microsoft!
At May 6, 2009, In this article, Microsoft confirm that:
By default, the half-open TCP connections limit is disabled in Windows Server 2008 with Service Pack 2 (SP2) and in Windows Vista with Service Pack 2 (SP2).
Thank for this, my doubts about RateLimit long time ago has been solved by Microsoft's answer.
Last year, I found a case. In Vista, I can simply modify the value "TcpCreateAndConnectTcbRateLimitDepth" from 1 to 0 in the kernel memory, and then the Half-open TCP connections limit has been removed immediately!
But I am not sure whether this is a safe method. so, in tcp-z, this function never be active. TCP-Z only show this value.
After Vista 16670 and Windows 7 6956, Microsoft strangely set TcpCreateAndConnectTcbRateLimitDepth to 0 in default.
In latterly version of TCP-Z, it will show a lock icon to distinguish these difference.
Now, Microsoft answer: It's safe! and provide a simple modification method by registry.
When you add a registry entry "EnableConnectionRateLimiting", and set to 1 or 0, it will switch TcpCreateAndConnectTcbRateLimitDepth between 1/0 synchronously.
You can see the changes in the graph of TCP-Z.
After TcpCreateAndConnectTcbRateLimitDepth change to 1, Windows will calculate the create rate and do the limitation. In testing you can see the value is limited to 11.
This registry entry only works in Windows Server 2008 with SP2 / Windows Vista with SP2 / Window 7.
It is time to retire for me!
Full article in Microsoft.com
How to enable the half-open TCP connections limit in Windows Vista with Service Pack 2 and in Windows Server 2008 with Service Pack 2
By default, the half-open TCP connections limit is disabled in Windows Server 2008 with Service Pack 2 (SP2) and in Windows Vista with Service Pack 2 (SP2). This article describes how to impose the half-open TCP connections limit in Windows Server 2008 with SP2 and in Windows Vista with SP2. The limit is ten connections.
Note In Windows Server 2008 and in Windows Vista with Service Pack 1 (SP1), the system allows for a maximum of ten half-open TCP connections at any time.
How to enable the half-open TCP connections limit
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 How to back up and restore the registry in Windows
To enable the half-open TCP connections limit in Windows Server 2008 with SP2 or in Windows Vista with SP2, set the value of the EnableConnectionRateLimiting DWORD registry entry to 1 (0x00000001).
To do this, follow these steps:
1) Click Start, type regedit in the Start Search box, and then click regedit.exe in the Programs list.
If you are prompted for an administrator password or for confirmation, type your password, or click Continue.
2) Locate and then double-click the following registry key:
3) In the Value data box, type 1, and then click OK.
4) Exit Registry Editor.
5) Restart the computer.
Comment by deepxw: In fact, It's no need to restart computer.
Posted by deepxw at 20:48 |