why i hate windows #49152
Dec. 8th, 2005 11:52
XP service pack 2 quietly limits the TCP/IP stack to 10 simultaneous connection attempts. ostensibly this was done to avoid the spreading of worms, which is all good and well -- except that i fucking want to be TOLD what is being done to my system, and i want to be given the option to ignore microsoft's idea of "best practices". i know, this must be so hard for bill to believe, but some of us do know what we're doing with our systems, and -- *gasp* -- we actually know better than him!
that limit is a problem for any application that opens a lot of TCP connections -- such as p2p programs. it'll slow them down. why is that so? TCP connections are initiated with a 3-way handshake: the client sends a SYN packet, and waits expectantly for a SYN-ACK response from the server. once the client gets that, it sends back an ACK. until that initial response from the server has been received, the connection is "half-open", and the client waits for a certain period of time before giving up (and trying again a bit later). limiting the number of half-open connections means any further attempts to initiate a connection are put into a queue and have to wait their turn. windows will also consider writing to the event log. all of this takes processing time away from actually exchanging data.
if your system event log contains several 4226 events each day, this is happening to you. there is alas no registry fix, but you might want to grab hold of the patch that's available; it allows you to raise the limit. the default of 50 should work fine, and still provide protection against the fast spreading of worms (if you are worried about that), but you can rerun the patch with a higher limit if you still find a lot of 4226 events in your event log.
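the queueing effect described above, as an added example that is not part of the original post: a simplified model (not windows' actual scheduler) in which every half-open attempt holds one slot until it resolves and queued attempts start as soon as a slot frees. the timeout, round-trip time and peer mix are assumed values chosen for illustration.

```python
import heapq

SYN_TIMEOUT = 21.0   # assumed seconds before an unanswered attempt is abandoned
RTT = 0.1            # assumed seconds for a live peer to return SYN-ACK


def simulate(handshake_times, limit):
    """Model a cap on half-open connections as a FIFO queue with `limit` slots.

    handshake_times[i] is how long attempt i stays half-open once its SYN is
    sent. All attempts are requested at t=0. Returns (start_times, makespan).
    """
    if limit < 1:
        raise ValueError("limit must be at least 1")
    slots = []    # min-heap: times at which occupied slots free up
    starts = []
    for duration in handshake_times:
        # A free slot means the SYN goes out at once; otherwise the attempt
        # waits in the queue until the earliest half-open attempt resolves.
        start = 0.0 if len(slots) < limit else heapq.heappop(slots)
        starts.append(start)
        heapq.heappush(slots, start + duration)
    return starts, max(slots, default=0.0)


def report(handshake_times, limits=(10, 50)):
    """Return (limit, attempts_queued, worst_queue_wait, makespan) per limit."""
    rows = []
    for limit in limits:
        starts, makespan = simulate(handshake_times, limit)
        queued = sum(1 for s in starts if s > 0)
        rows.append((limit, queued, max(starts, default=0.0), makespan))
    return rows


if __name__ == "__main__":
    # Constructed workload: 200 peers, every 4th one never answers.
    peers = [SYN_TIMEOUT if i % 4 == 0 else RTT for i in range(200)]
    for limit, queued, worst_wait, makespan in report(peers):
        print(f"limit={limit:3d} queued={queued:3d} "
              f"worst wait={worst_wait:6.1f}s all resolved at {makespan:6.1f}s")
```

unresponsive peers are what hurt: each one pins a slot for the full timeout, so with a low limit the live peers behind them in the queue wait even though they would answer almost immediately.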
no subject
on 2005-12-08 20:31 (UTC)
no subject
on 2005-12-08 20:55 (UTC)
no subject
on 2005-12-08 22:39 (UTC)
no subject
on 2005-12-13 20:13 (UTC)
i agree that much of it is about corporate greed (same reason why my broadband provider blocks port 80 for the cheap connection package). i am of two minds about security -- i understand that leaving everything wide open turned out to be a disaster for the providers. but i basically think it ought to be up to each user to decide whether zie wants to accept corporate decision making. i am even ok with it being opt-out. but i absolutely WANT there to be a way to opt out for knowledgable people. i cannot abide this combination of corporate greed and nanny behaviour.
there is really no way to boycott the companies who act that way because the options are limited and all the players are to some degree "evil". and not enough people are pissed off about this to put some pressure on them.
no subject
on 2005-12-13 19:02 (UTC)
no subject
on 2005-12-13 20:04 (UTC)
right -- like i didn't know about linux, being as it runs on my server and several other machines in the household.
i have to run windows on my main machine because most of my work deals with windows software. can't afford to boycott all that crap.