locked
Vista32 + "TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts" RRS feed

  • Question

  • Microsoft,

    Could you explain why you've chosen to impose such a draconian limit on Vista? (I say Vista without specifically defining x86 or x64 since I've seen similar posts about 64bit Vista however my problems relate to a 32bit version).

    Let me give you an example of how this causes problems.

    Last night I was trying to download 2 completely LEGAL torrents (a 1.7Gb texture mod for Oblivion and some Debian DVD's) WHILE also MOVING (not copying and pasting) a folder with a large number of small folders and files on a Windows 2008 Server.

    I was UNABLE to complete either task since the connections kept dropping with that error message.

    I have been aware of this "feature" for some time now and this is the first time it has caused me problems (and fairly major functionality problems at that - moving data around a network is really something you don't want to be limiting by stupid limitations imposed by yourselves).

    I know there are non-MS patches I can apply to tcpip.sys to work around this f'ing stupid "feature" but I'd like a fix from Microsoft.

    Please could someone from Microsoft tell me how to remove/fix/disable this stupid feature please?

    Thank you.
    Saturday, April 25, 2009 11:04 AM

Answers

  • Hi Grevane, I fully understand the inconvenience you have encountered. I'd like to inform you that this is for security purpose to limit the damage and protect the computer from being used by malicious and dangerous programs such as virus and worms to scan the Internet to infect more systems, or become a Bot that connects to IRC and subsequently accepts commands to launch Distributed Denial Of Service Attacks (DDoS) against other web servers or services.

     

    Thus with these concurrent TCP connections limit in place, a lot of programs and applications which launch and trigger lots of outbound and inbound connections at short span of time will hit the limit and cause the error, and in worst cause, cause the connection to be dropped and download or upload speed become slow. The case is especially true in P2P (peer-to-peer) software such as BitComet, µTorrent, BitTorrent. The limit may also affect streaming P2PTV such as PPStream, PPLive, etc.

     

    Thank you for your feedback regarding this limitation. I'll forward this to our product team.

     

     


    Sean Zhu - MSFT
    Monday, April 27, 2009 6:43 AM
    Moderator

All replies

  • Hello again Microsoft,

    Please could you respond to this question.

    I am currently STILL sat here moving things manually since Vista will NOT move these file on it's own in one go.

    I currently still have a folder that contains 15,113 small images and xml files and 631 folders and I cannot move it all in one go. Would you like to come and do this for me? No, I didn't think so, so why do we have to work within these limitations?

    The progress bar starts going but you can see exactly when Vista gives up as the progress bar just shoots across to 100% having only moved a tiny selection of the files I've asked it to move.

    As I've said in pervious posts in other threads, I've never been one of those "MS bashers" but I do use other Operating systems and I've got to point out that none of those other OS's suffer from this problem so why do I have to pay for the priveledge for something that doesn't work properly??

    The idea behind this stupid limitation is just rediculous. To quote a very good example of this from another website...

    "If you also consider that each of those infected computers will infect 10 others at the same rate:
    second 1:  1+10 computers
    second 2: 10+10*10 computers (110 new ones)
    second 3: 10+100*10 computers ( 1110 new ones)
    second 4: 10+1000*10 computers (11110 new ones)
    ....
    all the way to 10*60 + 10^60 computers in a single minute (that's a number with 60 digits, or it would far exceed Earth's population). Even if we consider that 90% of those computers are unreachable/protected, one would still reach ALL of them within a minute."


    So why bother even wasting the coding time?
    Sunday, April 26, 2009 2:54 PM
  • Hi Grevane, I fully understand the inconvenience you have encountered. I'd like to inform you that this is for security purpose to limit the damage and protect the computer from being used by malicious and dangerous programs such as virus and worms to scan the Internet to infect more systems, or become a Bot that connects to IRC and subsequently accepts commands to launch Distributed Denial Of Service Attacks (DDoS) against other web servers or services.

     

    Thus with these concurrent TCP connections limit in place, a lot of programs and applications which launch and trigger lots of outbound and inbound connections at short span of time will hit the limit and cause the error, and in worst cause, cause the connection to be dropped and download or upload speed become slow. The case is especially true in P2P (peer-to-peer) software such as BitComet, µTorrent, BitTorrent. The limit may also affect streaming P2PTV such as PPStream, PPLive, etc.

     

    Thank you for your feedback regarding this limitation. I'll forward this to our product team.

     

     


    Sean Zhu - MSFT
    Monday, April 27, 2009 6:43 AM
    Moderator
  • Good news. Vista SP2 removed this security limit. See http://technet.microsoft.com/en-us/library/dd335036(WS.10).aspx

    By the way, from following page, Is it really true that Server 2008 has the same limit?

    http://support.microsoft.com/kb/969710

    Note In Windows Server 2008 and in Windows Vista with Service Pack 1 (SP1), the system allows for a maximum of ten half-open TCP connections at any time.

    Thanks


    CS
    Wednesday, June 10, 2009 6:50 AM