|
Shortcuts
|
Windows XP SP2 tcpip.sys connection limit patchAdditional XP SP2 tweaks - Remove the Windows XP SP2 TCP Connection limit (Event ID 4226)2004-09-18 (updated: 2009-12-08) by Philip Tags: tweak, XP, TCP/IP, tcpip.sys, patch In addition to the tweaks already covered in Win 2k/XP Registry Tweaks and More Win 2k/XP Tweaks, the Windows XP Service Pack 2 introduces a few new issues covered in the article below. Please make sure you understand what you are doing before making any changes to your Operating System. Note the information below only applies to Windows XP Service Pack 2.
Remove the limit on TCP connection attempts Windws XP SP2 introduces a few new twists to TCP/IP in order to babysit users and "reduce the threat" of worms spreading fast without control. In one such attempt, the devs seem to have limited the number of possible TCP connection attempts per second to 10 (from unlimited in SP1). This argumentative feature can possibly affect server and P2P programs that need to open many outbound connections at the same time. Rant: The forward thinking of Microsoft developers here is that you can only infect 10 new systems per second via TCP/IP ?!?... If you also consider that each of those infected computers will infect 10 others at the same rate: In other words, even though it is not going to stop worm spreading, it's going to delay it a few seconds, limit possible network congestion a bit, and limit the use of your PC to 10 connection attempts per second in the process ! I have no problem with the new default setting limiting outbound connection attempts. Still, users should have the option to easily disable or change this setting. I might be going out on a limb here, but ever since the introduction of Windows XP I can't help thinking that I dislike all the bult-in Windows "wisardry" in a sense that the system also limits user access. That irritating trend to ease the mental load on end users is somewhat insulting, considering that Windows is to make the more "intelligent" choice instead of the end user, as well as limit their access to tuning such settings... With the new implementation, if a P2P or some other network program attempts to connect to 100 sites at once, it would only be able to connect to 10 per second, so it would take it 10 seconds to reach all 100. In addition, even though the setting was registry editable in XP SP1, it is now only possible to edit by changing it directly in the system file tcpip.sys. To make matters worse, that file is in use, so you also need to be in Safe mode in order to edit it. You only need to worry about the number of connection attempts per second if you have noticed a slowdown in network programs requiring a number of connections opened at once. You can check if you're hitting this limit from the Event Viewer, under System - look for TCP/IP Warnings saying: "TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts". Keep in mind this is a cap only on incomplete outbound connect attempts per second, not total connections. Still, running servers and P2P programs can definitely be affected by this new limitation. Use the fix as you see fit. To change or remove the limit, you can use the following program:
Edit tcpip.sys manually to remove the TCP/IP socket creation limit Another option, for the more adventurous is to modify your tcpip.sys file manually, using a hex editor. The following instructions refer to the final release of XP SP2, with a tcpip.sys file of exactly 359,040 bytes, CRC-32 is 8042A9FB, and MD5 is 9F4B36614A0FC234525BA224957DE55C. Even thouh there might be multiple tcpip.sys files in your system, make sure to work with the one in c:\windows\system32\drives\ directory. To remove the tcpip.sys socket creation limit: All done ! The above change does not require editing of the CRC in offset 130 hex (thanks for the clever solution Thomas Wolf Tompkins). Notes: The above information increases the RATE of opening outgoing connections. It has nothing to do with the limit of 10 connections to network shares on a Windows workstation PC for sharing files (a MS imposed limit to force you to upgrade to a server version of the OS). This 10 connections to network shares limit was introduced with NT4 workstation (SP3), and exists in Windows 2k workstation, and Windows XP home/pro/mc. It only applies to authenticated windows services, such as file and print sharing.
For a Vista version of the above tweak, see our Windows Vista tcpip.sys connection limit patck for Event ID 4226 article.
User Reviews/Comments:
rate:
avg:
by
leo_jnw - 2006-07-14 13:27
Hi,
I have downloaded and installed the patch! I ran a speed test and discovered that after installing the patch, my internet speed reduces from 2250 to 1220kbps. Any idea whats happening?? How can I solve the problem?? Thanks!
Hi,
After installing the Tcpip patch, do i still need to use the cablenut software to further tweak my broadband settings?? Or should i use cablenut to tweak first then apply the patch?? Thanks in advance!!
We recommend using the TCP Optimizer for tweaking your internet connection, rather than Cablenut. It is downloadable from here: http://www.speedguide.net/downloads.php
You can use the TCP Optimizer before or after applying this patch, they do not interfere with each other in any way.
I installed the patch, did the safemode then install thing, but my pc still crashes..
I just upgrade my windows to winxp sp2.. i'm using panda anivi 2006 used utorrent, azureus, bittorrent, bitcomet... hope you guys can help me.. thanks..
I tried this though I didn't Safe Mode my machine, just ran it once downloaded (ignoring AVG screaming about it). At first I was very pleased as my torrent download rate skyrocketed.
Then the next day my internet connection dropped from 400Kb/s to 60Kb/s. I reversed the patching and erased the patcher from my system and my connection is back up to 400Kb/s. Why did that happen?
Thats a limitation on Windows XP workstation. It can only accept ten concurrent Workstation connections.
Very Brilliant! Works like a charm! Safemode/comand prompt worked. No errors in the event viewer. I have noticed pages load faster when surfing. Thanks much appreciated. Blizz
I'm sorry to disappoint everyone who's applied this patch, but SP2 works the same as SP1, despite this so-called "limit". How come?
The limit is 10 'half-open' connections per second, to the SAME port. NOT 10 full tcp connections per second as most people understood it. What does this mean? That when you use a p2p program, you are not really limited... the only limitation is that you will find sources a little bit slower than with the patch applied. The patch won't grant you faster speeds... it will only find sources a little bit faster, who will then queue you for the file you requested. You may notice that bittorrent starts downloading a bit faster than without the patch, but that's just because it found the seeds faster... if you wait a few more seconds without the patch, you will too start to download at fast speeds. Event ID 4226 isn't an issue, it just warns you that in one second, the 10 half-open connection limit was reached. The next second, you have another 10 half-open connections available to reach the same port. Most people fail to understand this. I've never applied the patch, and all p2p progs I use still function as with SP1. Cheers.
Change the path to the tcpip.sys file. The full path of the file is c:\windows\system32\drivers\tcpip.sys
I cannot get the link to the patch site to work. Has the programer of the patch for SP2 limits moved? Is there anywhere to get this patch?
Thank you, Donna
Hi. I couldn't get the patch to work at all. It keeps coming up that it couldn't rename the file. I tried it in safe mode, safe mode with command prompt, and didn't get anywhere. Any ideas?
Lloyd
What if I cant boot my comp into SafeMode? Everytime I try to boot in safemode, it gets to the point where it shows all the files being loaded, but then it restarts, EVERYTIME. Any help would be greatly appreciated, because this has been happening for a while now. Thanks!
Thanks first,it is very useful
I've downloaded the new version of Bit Spirit, and I've also downloaded the patch recommended, but my browser still won't open when I'm on BS - any ideas?
Does anybody know the right offsets to edit for a tcpip.sys file with a MD5 checksum of 1dbf125862891817f374f407626967f4?
Huge improvement in PC performance and p2p connectivity. Thnx :)
can i just change 50 to 1000?? does it harm you computer?
because last time im trying to change 50 to 200 my windows move so slow. p/s sorry my bad english im from germany
Ok, i'm using Windows XP professional version 5.1 (build 2600.xpxp_sp2_qfe.061030-0020 : Service Pack 2).
The patch from lvllord.de doesn't work because the system says [This version of TCPIP.SYS is not supported to be modified] in BitComet. How do i enlarge the number of half-open TCP connections? Please help.
This does not work in Windows XP Pro x64 Edition (SP2 or higher), in fact, NONE of the currently available patched versions or patch info is correct for this OS. I'd be very thankful if someone stood up and solved this.
My Event logs keep showing me the 4226 errors. The stupid 'security limit' is limiting my speeds dramatically!
Same problem for me ... need XP x64 patch (or correct offset)
I agree with the writer, these kinds of things are the worst thing MicroSoft started doing to their OS. This is exactly why I will never even use Vista, because it is insulting my experience with Windows.
By the way, another user of Windows XP x64 here, for which tcpip.sys patching does not do a thing. It seems this OS isn't even using the file, since I can erase/change each existing tcpip.sys file on this OS without any warning.
hallelujah this fixed so many problems I was having... torrent speeds jumped to 350kbps down and stopped causing my connection to cut out and kill my server box. thank you!
I used this patch. I increased the half-open connection limit to 100 and it's amazing.
I have insane Torrent speeds and when I was downloading something I simply could not browse anymore. Installed patch and hello ! Now I can download a torrent at 7 MB/sec, upload on 10-15 others and still surf the web as if the connection is not even in use. Simply outstanding ! Thanks
im having problem using the patch, it says Error writing to file: %SystemRoot%\System32\Drivers\TCPIP.SYS.ORIGINAL. Also if i want to hex edit the .sys file, what to i need to edit just to change the open connection to say 100 instead of 65000?
KB941644 changed tcpip.sys (MD5: 64798ECFA43D78C7178375FCDD16D8C8) and new offset should be 4f6a2, but checksum fails after patch and system restores old tcpip.sys. Any hints?
|
