navlem
01-17-2006, 09:25 AM
1.Increase bandwidth by tweaking QoS in Windows XP Pro
The following tweak applies only to Windows XP Professional edition.
The default system behavior is that all 100% bandwidth is available, however, if there is a running application that indicates to the OS it needs to send high priority/real time data, then as long as it has the socket open, Windows XP will restrict ?best effort? traffic to 80% of the bandwidth so that high priority traffic can be accommodated. Basically, applications can make this request to the operating system for QoS support using the QoS application programming interfaces (APIs) in Windows and this only applies if a specific app is requesting QoS.
If you'd like to change how much bandwidth is reserved for QoS (the default is 20% of the total bandwidth), do the following:
1. Make sure you're logged in as "Administrator" (not just any account with admin privileges).
2. Navigate to START>Run and type: gpedit.msc
3. Navigate to Local Computer Policy > Administrative Templates > Network > QOS Packet Scheduler
4. In the right window, double-click the limit reservable bandwidth setting
5. On the setting tab, check the enabled setting.
6. Where it says "Bandwidth limit %", change it to read 0 (or whatever percentage you want to reserve for high priority QoS data)
7. Click OK, close gpedit.msc
Under START > My Computer > My Network Connections > View Network Connections, right-click on your connection and under Properties (where it lists your protocols), make sure QOS Packet Scheduler is enabled.
The tweak desribed below helps boost priority for DNS & hostname resolution in general. What this means is, it helps web pages load faster, and has negligible effect on downloads (not counting the couple of ms gain with the host resolution at connect-time).
Applying this tweak assumes some proficiency in editing the Windows Registry using Regedit (Start > Run > type: regedit). As always, backup your Registry before making any changes so you can revert to the previous state if you don't like the results.
================================================== ================================================== ========================
2.Host Resolution Priority Tweak
host name resolution priority
Windows 2k/XP
First, open the Windows Registry using Regedit, and (after backing up) navigate to:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\ServiceProvider
Note the following lines (all hex dwords):
Class = 008 (8) - indicates that TCP/IP is a name service provider, don't change.
LocalPriority = 1f3 (499) - local names cache
HostsPriority = 1f4 (500) - the HOSTS file
DnsPriority = 7d0 (2000) - DNS
NetbtPriority = 7d1 (2001) - NetBT name-resolution, including WINS
What we're aiming to do is increase the priority of the last 4 settings, while keeping their order. The valid range is from -32768 to +32767 and lower numbers mean higher priority compared to other services. What we're aiming at is lower numbers without going to extremes, something like what's shown below should work well:
Change the "Priority" lines to:
LocalPriority = 005 (5) - local names cache
HostsPriority = 006 (6) - the HOSTS file
DnsPriority = 007 (7) - DNS
NetbtPriority = 008 (8) - NetBT name-resolution, including WINS
Windows 9x/ME
The tweak is essentialy the same as in Windows 2000/XP, just the location in the Registry is slightly different. For a more detailed description see the Windows 2000/XP section above.
Open the Windows Registry using Regedit, and (after backing up) navigate to:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servic es\VxD\MSTCP\ServiceProvider
You should see the following settings:
Class=hex:08,00,00,00
LocalPriority=hex:f3,01,00,00
HostsPriority=hex:f4,01,00,00
DnsPriority=hex:d0,07,00,00
NetbtPriority=hex:d1,07,00,00
The "priority" lines should be changed to:
LocalPriority=hex:05,00,00,00
HostsPriority=hex:06,00,00,00
DnsPriority=hex:07,00,00,00
NetbtPriority=hex:08,00,00,00
Reboot for changes to take effect.
In addition to the tweaks already covered in Win 2k/XP Registry Tweaks and More Win 2k/XP Tweaks, the Windows XP Service Pack 2 introduces a few new issues covered in the article below. Please make sure you understand what you are doing before making any changes to your Operating System. Note the information below only applies to Windows XP Service Pack 2.
================================================== ================================================== ========================
3.Remove the limit on TCP connection attempts
Windws XP SP2 introduces a few new twists to TCP/IP in order to babysit users and "reduce the threat" of worms spreading fast without control. In one such attempt, the devs seem to have limited the number of possible TCP connection attempts per second to 10 (from unlimited in SP1). This argumentative feature can possibly affect server and P2P programs that need to open many outbound connections at the same time.
Rant: The forward thinking of Microsoft developers here is that you can only infect 10 new systems per second via TCP/IP ?!?... If you also consider that each of those infected computers will infect 10 others at the same rate:
second 1: 1+10 computers
second 2: 10+10*10 computers (110 new ones)
second 3: 10+100*10 computers ( 1110 new ones)
second 4: 10+1000*10 computers (11110 new ones)
....
all the way to 10*60 + 10^60 computers in a single minute (that's a number with 60 digits, or it would far exceed Earth's population). Even if we consider that 90% of those computers are unreachable/protected, one would still reach ALL of them within a minute.
In other words, even though it is not going to stop worm spreading, it's going to delay it a few seconds, limit possible network congestion a bit, and limit the use of your PC to 10 connection attempts per second in the process ! I have no problem with the new default setting limiting outbound connection attempts. Still, users should have the option to easily disable or change this setting. I might be going out on a limb here, but ever since the introduction of Windows XP I can't help thinking that I dislike all the bult-in Windows "wisardry" in a sense that the system also limits user access. That irritating trend to ease the mental load on end users is somewhat insulting, considering that Windows is to make the more "intelligent" choice instead of the end user, as well as limit their access to tuning such settings...
End of rant.
With the new implementation, if a P2P or some other network program attempts to connect to 100 sites at once, it would only be able to connect to 10 per second, so it would take it 10 seconds to reach all 100. In addition, even though the setting was registry editable in XP SP1, it is now only possible to edit by changing it directly in the system file tcpip.sys. To make matters worse, that file is in use, so you also need to be in Safe mode in order to edit it.
You only need to worry about the number of connection attempts per second if you have noticed a slowdown in network programs requiring a number of connections opened at once. You can check if you're hitting this limit from the Event Viewer, under System - look for TCP/IP Warnings saying: "TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts". Keep in mind this is a cap only on incomplete outbound connect attempts per second, not total connections. Still, running servers and P2P programs can definitely be affected by this new limitation. Use the fix as you see fit.
To change or remove the limit, you can use the following program:
Event ID 4226 Patcher v2.11
http://www.speedguide.net/files/xp_sp2/EvID4226Patch211a-en.zip
- A patching program for removing or changing the limit imposed on connection attempts in SP2. The patcher has the ability to restore tcpip.sys back to the original... Still, you might want to back up tcpip.sys, use it at your own risk. The author of this patch can be reached @ http://www.lvllord.de/
================================================== ================================================== ========================
4. Recommended settings for Windows 2000 / XP
Windows 2000 & XP, unlike NT supports large windows as described in RFC1323 ( the 'RcvWindow' has a maximum value of 2**30 rather than 64K), and includes some other improvements over its predecessors you can use to speed up any TCP/IP transfers. , the descriptions and other options are added to provide you with better understanding and enable you to customize your settings.
All the following entries, unless otherwise noted should be placed in the Windows 2000/XP Registry under the key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\Parameters
TCPWindowSize
The value of TCP Window in the Windows 2000 Registry is DWORD, representing number of bytes, with range from 0 to 2^30. The recommended values (in red) optimize TCP for any high speed Internet connection and work best in most cases, however if you'd like to use a custom value follow these guidelines:
For best results, the TCPWindow should be a multiple of MSS (Maximum Segment Size). MSS is generally MTU - 40, where MTU (Maximum Transmission Unit) is the largest packet size that can be transmitted. MTU is usually 1500 (1492 for PPPoE connections). To determine the MTU value of your ISP, check out the Advanced Registry Editing section of our site.
There are three places in the Windows 2000 Registry where you can add the TCP Window parameter.
HKLM/SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
GlobalMaxTcpWindowSize="256960" (DWORD, number of bytes) Valid range is from MSS to 2^30. Add the value as a decimal. Note: For best results RWIN has to be a multiple of MSS lower than 65535 times a scale factor that's a power of 2, i.e. 44 x 1460 = 64240 x 2^2 = 256960. If you choose to use a RWIN lower than 65535, you can simply make it multiple of MSS and turn scaling off (Tcp1323Opts=0)
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Param eters
TcpWindowSize="256960" (DWORD, number of bytes) Valid range is from MSS to 2^30. Add the value as a decimal. TcpWindowSize can also exist under TcpipParametersInterface - if added at this location, it overrides the global setting for this particular . Note (10/20/00): Seems MS has found another bug in Windows 2000, the TCPWindowSize should be configured with the global setting (GlobalMaxTcpWindowsSize) rather than this one - Q263088
Note: For best results RWIN has to be a multiple of MSS lower than 65535 times a scale factor that's a power of 2, i.e. 44 x 1460 = 64240 x 2^2 = 256960. If you choose to use a RWIN lower than 65535, you can simply make it multiple of MSS and turn scaling off (Tcp1323Opts=0)
Tcp1323Opts
Tcp1323Opts is a necessary setting in order to enable Large TCPWindow support as described in RFC 1323. Without this parameter, the TCPWindow is limited to 64K.
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Param eters
Tcp1323Opts="1" (DWORD, recommended setting is 1. The possible settings are 0 - Disable RFC 1323 options, 1 - Window scaling but no Timestamp options, 3 - Window scaling and Time stamp options.)
Note: Tcp1323Opts="3" might help in some cases where there is increased packet loss, however generally you'll achieve better throughput with Tcp1323Opts="1", since Timestamps add 12 bytes to the header of each packet.
DefaultTTL
DefaultTTL determines the time in seconds and the number of hops a packet lives. While it does not directly affect speed, a larger value increases the amount of time it takes for a packet to be considered lost, discarded and retransmitted. A value that's too small can cause packets to be unable to reach distant servers at all.
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Param eters
DefaultTTL="64" (DWORD, recommended setting is 64. Other settings that are widely used are 128 and 32)
EnablePMTUDiscovery
When set to 1 (True), TCP attempts to discover MTU automatically over the path to a remote host. Setting this parameter to 0 causes MTU to default to 576 which reduces overall performance over high speed connections. Note that this setting is different than our Windows 9x recommendation.
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Param eters
EnablePMTUDiscovery="1" (DWORD - boolean, valid settings are 0-->False and 1-->True. Many connections perform better with this entry at 1, however, if you prefer to set your upstream to send fixed 1500 packets, you might want to use 0 instead). When set at 1, establishing connections and initial transfer speed might slow down a bit, however you will get better throughput if somewhere in the path large packets need to be fragmented.
EnablePMTUBHDetect
Setting this parameter to 1 (True) enables "black hole" routers to be detected, however it also increases the maximum number of retransmissions for a given segment. In most cases you'd want to keep BHDetect to 0 (False).
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Param eters
EnablePMTUBHDetect="0" (DWORD - boolean, valid settings are 0-->False and 1-->True. Recommended setting is 0)
SackOpts
This parameter controls whether or not SACK (Selective Acknowledgement) support is enabled, as specified in RFC 2018. SACK is especially important for connections using large TCP Window sizes.
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Param eters
SackOpts="1" (DWORD - boolean, recommended setting is 1. Possible settings are 0 - No Sack options or 1 - Sack Option enabled).
TcpMaxDupAcks
This parameter determines the number of duplicate ACKs that must be received for the same sequence number of sent data before "fast retransmit" is triggered to resend the segment that has been dropped in transit.
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Param eters
TcpMaxDupAcks="2" (DWORD - range 1-3, recommended setting is 2).
The following tweak applies only to Windows XP Professional edition.
The default system behavior is that all 100% bandwidth is available, however, if there is a running application that indicates to the OS it needs to send high priority/real time data, then as long as it has the socket open, Windows XP will restrict ?best effort? traffic to 80% of the bandwidth so that high priority traffic can be accommodated. Basically, applications can make this request to the operating system for QoS support using the QoS application programming interfaces (APIs) in Windows and this only applies if a specific app is requesting QoS.
If you'd like to change how much bandwidth is reserved for QoS (the default is 20% of the total bandwidth), do the following:
1. Make sure you're logged in as "Administrator" (not just any account with admin privileges).
2. Navigate to START>Run and type: gpedit.msc
3. Navigate to Local Computer Policy > Administrative Templates > Network > QOS Packet Scheduler
4. In the right window, double-click the limit reservable bandwidth setting
5. On the setting tab, check the enabled setting.
6. Where it says "Bandwidth limit %", change it to read 0 (or whatever percentage you want to reserve for high priority QoS data)
7. Click OK, close gpedit.msc
Under START > My Computer > My Network Connections > View Network Connections, right-click on your connection and under Properties (where it lists your protocols), make sure QOS Packet Scheduler is enabled.
The tweak desribed below helps boost priority for DNS & hostname resolution in general. What this means is, it helps web pages load faster, and has negligible effect on downloads (not counting the couple of ms gain with the host resolution at connect-time).
Applying this tweak assumes some proficiency in editing the Windows Registry using Regedit (Start > Run > type: regedit). As always, backup your Registry before making any changes so you can revert to the previous state if you don't like the results.
================================================== ================================================== ========================
2.Host Resolution Priority Tweak
host name resolution priority
Windows 2k/XP
First, open the Windows Registry using Regedit, and (after backing up) navigate to:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\ServiceProvider
Note the following lines (all hex dwords):
Class = 008 (8) - indicates that TCP/IP is a name service provider, don't change.
LocalPriority = 1f3 (499) - local names cache
HostsPriority = 1f4 (500) - the HOSTS file
DnsPriority = 7d0 (2000) - DNS
NetbtPriority = 7d1 (2001) - NetBT name-resolution, including WINS
What we're aiming to do is increase the priority of the last 4 settings, while keeping their order. The valid range is from -32768 to +32767 and lower numbers mean higher priority compared to other services. What we're aiming at is lower numbers without going to extremes, something like what's shown below should work well:
Change the "Priority" lines to:
LocalPriority = 005 (5) - local names cache
HostsPriority = 006 (6) - the HOSTS file
DnsPriority = 007 (7) - DNS
NetbtPriority = 008 (8) - NetBT name-resolution, including WINS
Windows 9x/ME
The tweak is essentialy the same as in Windows 2000/XP, just the location in the Registry is slightly different. For a more detailed description see the Windows 2000/XP section above.
Open the Windows Registry using Regedit, and (after backing up) navigate to:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servic es\VxD\MSTCP\ServiceProvider
You should see the following settings:
Class=hex:08,00,00,00
LocalPriority=hex:f3,01,00,00
HostsPriority=hex:f4,01,00,00
DnsPriority=hex:d0,07,00,00
NetbtPriority=hex:d1,07,00,00
The "priority" lines should be changed to:
LocalPriority=hex:05,00,00,00
HostsPriority=hex:06,00,00,00
DnsPriority=hex:07,00,00,00
NetbtPriority=hex:08,00,00,00
Reboot for changes to take effect.
In addition to the tweaks already covered in Win 2k/XP Registry Tweaks and More Win 2k/XP Tweaks, the Windows XP Service Pack 2 introduces a few new issues covered in the article below. Please make sure you understand what you are doing before making any changes to your Operating System. Note the information below only applies to Windows XP Service Pack 2.
================================================== ================================================== ========================
3.Remove the limit on TCP connection attempts
Windws XP SP2 introduces a few new twists to TCP/IP in order to babysit users and "reduce the threat" of worms spreading fast without control. In one such attempt, the devs seem to have limited the number of possible TCP connection attempts per second to 10 (from unlimited in SP1). This argumentative feature can possibly affect server and P2P programs that need to open many outbound connections at the same time.
Rant: The forward thinking of Microsoft developers here is that you can only infect 10 new systems per second via TCP/IP ?!?... If you also consider that each of those infected computers will infect 10 others at the same rate:
second 1: 1+10 computers
second 2: 10+10*10 computers (110 new ones)
second 3: 10+100*10 computers ( 1110 new ones)
second 4: 10+1000*10 computers (11110 new ones)
....
all the way to 10*60 + 10^60 computers in a single minute (that's a number with 60 digits, or it would far exceed Earth's population). Even if we consider that 90% of those computers are unreachable/protected, one would still reach ALL of them within a minute.
In other words, even though it is not going to stop worm spreading, it's going to delay it a few seconds, limit possible network congestion a bit, and limit the use of your PC to 10 connection attempts per second in the process ! I have no problem with the new default setting limiting outbound connection attempts. Still, users should have the option to easily disable or change this setting. I might be going out on a limb here, but ever since the introduction of Windows XP I can't help thinking that I dislike all the bult-in Windows "wisardry" in a sense that the system also limits user access. That irritating trend to ease the mental load on end users is somewhat insulting, considering that Windows is to make the more "intelligent" choice instead of the end user, as well as limit their access to tuning such settings...
End of rant.
With the new implementation, if a P2P or some other network program attempts to connect to 100 sites at once, it would only be able to connect to 10 per second, so it would take it 10 seconds to reach all 100. In addition, even though the setting was registry editable in XP SP1, it is now only possible to edit by changing it directly in the system file tcpip.sys. To make matters worse, that file is in use, so you also need to be in Safe mode in order to edit it.
You only need to worry about the number of connection attempts per second if you have noticed a slowdown in network programs requiring a number of connections opened at once. You can check if you're hitting this limit from the Event Viewer, under System - look for TCP/IP Warnings saying: "TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts". Keep in mind this is a cap only on incomplete outbound connect attempts per second, not total connections. Still, running servers and P2P programs can definitely be affected by this new limitation. Use the fix as you see fit.
To change or remove the limit, you can use the following program:
Event ID 4226 Patcher v2.11
http://www.speedguide.net/files/xp_sp2/EvID4226Patch211a-en.zip
- A patching program for removing or changing the limit imposed on connection attempts in SP2. The patcher has the ability to restore tcpip.sys back to the original... Still, you might want to back up tcpip.sys, use it at your own risk. The author of this patch can be reached @ http://www.lvllord.de/
================================================== ================================================== ========================
4. Recommended settings for Windows 2000 / XP
Windows 2000 & XP, unlike NT supports large windows as described in RFC1323 ( the 'RcvWindow' has a maximum value of 2**30 rather than 64K), and includes some other improvements over its predecessors you can use to speed up any TCP/IP transfers. , the descriptions and other options are added to provide you with better understanding and enable you to customize your settings.
All the following entries, unless otherwise noted should be placed in the Windows 2000/XP Registry under the key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\Parameters
TCPWindowSize
The value of TCP Window in the Windows 2000 Registry is DWORD, representing number of bytes, with range from 0 to 2^30. The recommended values (in red) optimize TCP for any high speed Internet connection and work best in most cases, however if you'd like to use a custom value follow these guidelines:
For best results, the TCPWindow should be a multiple of MSS (Maximum Segment Size). MSS is generally MTU - 40, where MTU (Maximum Transmission Unit) is the largest packet size that can be transmitted. MTU is usually 1500 (1492 for PPPoE connections). To determine the MTU value of your ISP, check out the Advanced Registry Editing section of our site.
There are three places in the Windows 2000 Registry where you can add the TCP Window parameter.
HKLM/SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
GlobalMaxTcpWindowSize="256960" (DWORD, number of bytes) Valid range is from MSS to 2^30. Add the value as a decimal. Note: For best results RWIN has to be a multiple of MSS lower than 65535 times a scale factor that's a power of 2, i.e. 44 x 1460 = 64240 x 2^2 = 256960. If you choose to use a RWIN lower than 65535, you can simply make it multiple of MSS and turn scaling off (Tcp1323Opts=0)
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Param eters
TcpWindowSize="256960" (DWORD, number of bytes) Valid range is from MSS to 2^30. Add the value as a decimal. TcpWindowSize can also exist under TcpipParametersInterface - if added at this location, it overrides the global setting for this particular . Note (10/20/00): Seems MS has found another bug in Windows 2000, the TCPWindowSize should be configured with the global setting (GlobalMaxTcpWindowsSize) rather than this one - Q263088
Note: For best results RWIN has to be a multiple of MSS lower than 65535 times a scale factor that's a power of 2, i.e. 44 x 1460 = 64240 x 2^2 = 256960. If you choose to use a RWIN lower than 65535, you can simply make it multiple of MSS and turn scaling off (Tcp1323Opts=0)
Tcp1323Opts
Tcp1323Opts is a necessary setting in order to enable Large TCPWindow support as described in RFC 1323. Without this parameter, the TCPWindow is limited to 64K.
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Param eters
Tcp1323Opts="1" (DWORD, recommended setting is 1. The possible settings are 0 - Disable RFC 1323 options, 1 - Window scaling but no Timestamp options, 3 - Window scaling and Time stamp options.)
Note: Tcp1323Opts="3" might help in some cases where there is increased packet loss, however generally you'll achieve better throughput with Tcp1323Opts="1", since Timestamps add 12 bytes to the header of each packet.
DefaultTTL
DefaultTTL determines the time in seconds and the number of hops a packet lives. While it does not directly affect speed, a larger value increases the amount of time it takes for a packet to be considered lost, discarded and retransmitted. A value that's too small can cause packets to be unable to reach distant servers at all.
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Param eters
DefaultTTL="64" (DWORD, recommended setting is 64. Other settings that are widely used are 128 and 32)
EnablePMTUDiscovery
When set to 1 (True), TCP attempts to discover MTU automatically over the path to a remote host. Setting this parameter to 0 causes MTU to default to 576 which reduces overall performance over high speed connections. Note that this setting is different than our Windows 9x recommendation.
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Param eters
EnablePMTUDiscovery="1" (DWORD - boolean, valid settings are 0-->False and 1-->True. Many connections perform better with this entry at 1, however, if you prefer to set your upstream to send fixed 1500 packets, you might want to use 0 instead). When set at 1, establishing connections and initial transfer speed might slow down a bit, however you will get better throughput if somewhere in the path large packets need to be fragmented.
EnablePMTUBHDetect
Setting this parameter to 1 (True) enables "black hole" routers to be detected, however it also increases the maximum number of retransmissions for a given segment. In most cases you'd want to keep BHDetect to 0 (False).
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Param eters
EnablePMTUBHDetect="0" (DWORD - boolean, valid settings are 0-->False and 1-->True. Recommended setting is 0)
SackOpts
This parameter controls whether or not SACK (Selective Acknowledgement) support is enabled, as specified in RFC 2018. SACK is especially important for connections using large TCP Window sizes.
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Param eters
SackOpts="1" (DWORD - boolean, recommended setting is 1. Possible settings are 0 - No Sack options or 1 - Sack Option enabled).
TcpMaxDupAcks
This parameter determines the number of duplicate ACKs that must be received for the same sequence number of sent data before "fast retransmit" is triggered to resend the segment that has been dropped in transit.
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Param eters
TcpMaxDupAcks="2" (DWORD - range 1-3, recommended setting is 2).