Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Windows 7 tcpip.sys Auto Patcher to Remove TCP/IP Connection Limit

17 May 2009   #11
Camineet

Build 7000
 
 
no such registry key

After first running the patch and then choosing to 'restore original file', which apparently worked because the test mode watermark has disappeared from my desktop, I'm trying to verify that Build 7000 is not limited to 10 half open connections by locating the registry key you mentioned. But my registry has no such key in that location. Is there any other way to discover the limit number on my system without installing any software? I have tried running my torrent client (Bitcomet) to see if it will report the number somewhere, but didn't have any luck. Please advise. Thanks a lot.


My System SpecsSystem Spec
.
17 May 2009   #12
Quill

Clients: XP/Win7/ubuntu
 
 

From the author of TCP-Z :

Quote:
Say Bye To Half-open TCP Connections Limit In Vista/2008 SP2
Thursday, May 7, 2009


Good news from Microsoft!

At May 6, 2009, In this article, Microsoft confirm that:
By default, the half-open TCP connections limit is disabled in Windows Server 2008 with Service Pack 2 (SP2) and in Windows Vista with Service Pack 2 (SP2).

Thank for this, my doubts about RateLimit long time ago has been solved by Microsoft's answer.

Last year, I found a case. In Vista, I can simply modify the value "TcpCreateAndConnectTcbRateLimitDepth" from 1 to 0 in the kernel memory, and then the Half-open TCP connections limit has been removed immediately!
But I am not sure whether this is a safe method. so, in tcp-z, this function never be active. TCP-Z only show this value.

After Vista 16670 and Windows 7 6956, Microsoft strangely set TcpCreateAndConnectTcbRateLimitDepth to 0 in default.
In latterly version of TCP-Z, it will show a lock icon to distinguish these difference.

Now, Microsoft answer: It's safe! and provide a simple modification method by registry.
When you add a registry entry "EnableConnectionRateLimiting", and set to 1 or 0, it will switch TcpCreateAndConnectTcbRateLimitDepth between 1/0 synchronously.
You can see the changes in the graph of TCP-Z.
After TcpCreateAndConnectTcbRateLimitDepth change to 1, Windows will calculate the create rate and do the limitation. In testing you can see the value is limited to 11.


This registry entry only works in Windows Server 2008 with SP2 / Windows Vista with SP2 / Window 7.

It is time to retire for me!


Full article in Microsoft.com
My System SpecsSystem Spec
09 Nov 2009   #13
JoHn87

Windows 7 Pro x64
 
 

so this is disable by default in Windows 7.

so does that means it will just build up as many connections it requires?

EDIT: sorry for the epic bump, just need some answers
My System SpecsSystem Spec
.

09 Nov 2009   #14
H2SO4

Win7x64
 
 

Quote   Quote: Originally Posted by JoHn87 View Post
so this is disable by default in Windows 7.

so does that means it will just build up as many connections it requires?

EDIT: sorry for the epic bump, just need some answers

Short version: yes.


====================================
Real answer: It was never about limiting the number of connections. This mechanism used to limit the number of "half-open" TCP sessions in an effort to slow the propagation of malware from infected machines.

A TCP session between any two machines starts off with what's known as a "3-way handshake", even though there's only two machines . The name stems from the 3 packets required to "establish" the session:

1) Initiator sends a SYN packet informing the target of its intention to communicate and its own "synchronisation" sequence number offset.

2) Target responds with a SYN-ACK letting the initiator know that the first packet has been received ("acknowledged"), and informing the initiator of its own starting sync offset.

3) Initiator responds with an ACK, thereby completing the handshake sequence.

After all that, the session is established and the two sides can send information to each other until they decide to tear the session down.

A "half-open" session is one where the initial SYN (step 1) has been sent, but no response has yet been received. In other words, there's nothing yet to indicate that the target is willing to talk to us, or that it even exists on the IP/port that the SYN was sent to.

The "half-open" throttling mechanism used to limit the number of those not-yet-fully established sessions to a maximum of 10 at any time, because MS (rightly) felt that anything more constituted burst-type activity which was likely associated with malware trying to spread itself as fast as possible.

Given a latency of say 100ms, malware which is throttled in this way will spread much, much slower than if it's completely unbridled and able to initiate thousands of concurrent half-open sessions in an opportunistic fashion (fire off a crapload of SYNs all at once and just work with the targets which respond).

While the vast majority of legit applications don't behave in this manner, the two notable exceptions were torrent clients (stretching the definition of "legit" of course) and server-style apps which some companies ran on Windows clients to decrease their licensing costs. Torrent clients would sometimes bump up against the 10 half-open limit, and that would cause a scary-looking event to be logged. Many torrenters ended up "patching" the TCPIP.SYS driver in an attempt to knock out the throttling mechanism, and that brought problems of its own in the form of BSODs and similar issues.

In the end, I guess MS decided the level of additional security didn't warrant the additional chaos caused by driver patchers and the flak they were getting in the press, and hence decided to remove the mechanism as of Vista SP2.
My System SpecsSystem Spec
11 Nov 2009   #15
JoHn87

Windows 7 Pro x64
 
 

thanks H2SO4

that clears up alot now.
My System SpecsSystem Spec
12 Nov 2009   #16
H2SO4

Win7x64
 
 

Quote   Quote: Originally Posted by JoHn87 View Post
thanks H2SO4

that clears up alot now.
No problem mate
My System SpecsSystem Spec
12 Nov 2009   #17
swarfega

Windows 7 Professional 64-bit
 
 

hmm EnableConnectionRateLimiting isnt in my registry.
My System SpecsSystem Spec
12 Nov 2009   #18
H2SO4

Win7x64
 
 

Quote   Quote: Originally Posted by swarfega View Post
hmm EnableConnectionRateLimiting isnt in my registry.
3: kd> x tcpip!TcpCreateAndConnectTcbRateLimitDepth
fffff880`01b81d3c tcpip!TcpCreateAndConnectTcbRateLimitDepth = <no type information>
3: kd> dd fffff880`01b81d3c l1
fffff880`01b81d3c 00000000


That throttling mechanism is disabled in Win7 and perhaps entirely vestigal in terms of code. Do you actually want to enable it for some purpose?
My System SpecsSystem Spec
12 Nov 2009   #19
swarfega

Windows 7 Professional 64-bit
 
 

nah i wanted to make sure it was disabled.
My System SpecsSystem Spec
Reply

 Windows 7 tcpip.sys Auto Patcher to Remove TCP/IP Connection Limit




Thread Tools




Similar help and support threads
Thread Forum
MTU Limit - Test and change your connection's MTU limit
An MTU limit that is set too high can cause fragmented packets and packet loss on your connection. This tutorial will explain how to test if your MTU limit is sending fragmented packets and will explain how to find what value you should be using. 1) Open an elevated command prompt and type: ...
Tutorials
How to limit the download speed of my internet connection
I'm using a USB dongle to connect to the internet. Sometimes i want to limit my download speed of the connection. How can i do that? Is there any programs that allow me to achieve this?
Network & Sharing
Increase network connection limit beyond 20
I am trying to increase my network connection limit greater than 20. I am backing up my servers to a windows7 storage machine and it constantly gives my a "no more connections available" error and then bombs out. These are not the half-connections, but full established connections. Trying to...
Network & Sharing
remove universal theme patcher and install windowblinds problem
i use VS theme and want to switch to windowblinds (public). i restored files that UTP offered and installed WB, but all i get is sort of windows 98 blinds (gray and no aero) and something with explorer goes wrong so when i open window i just see frames (of the window) and no content. when i...
Customization
TCPIP Connection patch ????
Only problem :sick: I can see right now in win7 is that the max connections is way too low. :cry::cry: That is why I am getting low speeds with utorrent.:cry: Any patch to increase Max connection limit?
Network & Sharing


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 11:44.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App