1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Help remove the connection limit of TCP/IP

By morland ยท 15 replies
May 4, 2010
  1. Before doing a recent fresh install of XP Pro SP3 I had done some tweak (don't remember the details) and it had tweaked many things including the mysterious TCP/IP connection limit.

    I have searched on google and have found mixed recommendations; some experts recommending not to mess with it while some recommending solutions (but have only been able to find it for Vista not XP).

    Since the fresh install (and all updates installed) I have been regularly getting the following in the event viewer

    Event Type: Warning
    Event Source: Tcpip
    Event Category: None
    Event ID: 4226
    Date: 04-May-10
    Time: 10:22:15 AM
    User: N/A
    Computer: mylaptop
    TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
    For more information, see Help and Support Center at ....​

    I can say for sure that my internet connection is not giving me the download performance what I was getting prior to the new install... The download speed that I am not getting is simply frustrating.

    Can someone please help me tweak/remove the TCP/IP connection limit so that I can avail the full potential of what my bandwidth really has to offer. Ideal situation would be if you can pls recommend a tool which does all the hidden tweaks.
  2. jobeard

    jobeard TS Ambassador Posts: 12,742   +1,489

    the connection limit has nothing to do with download bandwidth.

    the connection limit is 10 concurrent shares being accesses at the same time.
    a client user does not (should not) need more.

    the Windows Servers use many more than than to support large companies.

    I think you are looking for Network Tweaks
  3. morland

    morland TS Rookie Topic Starter Posts: 48

    Hi jobeard. Thank you for the advice. I guess and with all honesty I am just looking for a solution (if there is one); be it a TCP/IP tweak or what you are referring to as Network Tweak. Can you kindly share some links/tips regarding the latter. Thanks.
  4. LookinAround

    LookinAround Ex Tech Spotter Posts: 6,430   +186

    Hi morland

    A couple things

    1) Before you start any more changes, i'd suggest you create a backup image of your hard drive (for that "just in case"). You can EASUS Disk Copy (freeware)

    2) Then, you can find many patches for XP SP3 online to change the limit (this just one i found but never used myself so use at your own risk)

    That said, since you're not 100% sure about all the tweaks you've done it might be best to
    > Uninstall/reinstall your network driver
    > And do an XP repair install which between the two i would think should reset all your network default values back to a good known state
  5. jobeard

    jobeard TS Ambassador Posts: 12,742   +1,489

    looks like an Event Record and thus you actually suffer from too many concurrent Shares.

    What's your environment and how many shares are active ?

    (meanwhile, I'll look for the Network Tweaks)
  6. jobeard

    jobeard TS Ambassador Posts: 12,742   +1,489

  7. morland

    morland TS Rookie Topic Starter Posts: 48

    Hi (again) LookinAround and jobeard. Please bear with me for a while and kindly reply after you have read the following.

    Question #1: You have suggested to do a "XP repair install which between the two i would think should reset all your network default values back to a good known state". How do I do a XP repair install and will it mess up everything that I have installed? I think I know how to uninstall and then install the network driver. BUT, is the latest network driver necessarily the best? I have both available; the one which I was using previously and the latest one? Your expert comments? BTW and if it's of any help I'm using XP's WZC (Wireless Zero Configuration) and the latest driver from intel's website to the latest version (

    Here are all the details which can probably help solve the problem in a permanent and best manner. Am listing the whole 9 yards:
    1. Have done a recent fresh installation of XP Pro SP3 (and have all the latest updates)
    2. Don't have anything falling under the P2P category even installed i.e. No Messengers (Yahoo/MSN/ICQ etc.), torrent downloader, etc. etc. What else could fall under the P2P category?
    3. When does this 4226 warning pop-up? I don't know and I recently developed the habit of occasionally checking the event viewer. Though this is a side note comment but i find it important to mention it here and now: Never used to check the event viewer and was (still am) just a naive computer users. BUT I'm learning and am keen to learn. Have learned more from the replies to my silly posts than I could have in years.
    4. ==> Is there some kind of alert that I can setup so that it pops up when certain events occur. I'm sure that there must be a good freeware out there just for this very purpose. Can you help me find one? I feel this will play a key role in helping me nip it in the bud and identify exactly when this darn 4226 and a few others actually happen! Alternative is that I constantly keep watching the event viewer like a mad scientist
    5. What things do I have in the start-up? Utilities that in my opinion I can't do without or fall under a must to have. Namely
      a) Sygate Firewall
      b) avast anti-virus
      c) Malwarebytes
      d) Spyware blaster
    6. I do have many applications installed but none of them load up automatically.

    I have been researching like crazy and as I write this reply, I have checked the event viewer and currently it is NOT showing the 4226 warning. Read a tip and ran netstat -anb from Run | cmd and looked for entries with the SYN_SENT label. Nothing...

    This is where I have 3 extremely important requests:

    • After what I have been reading during the past couple of hours, I really don't want to try the so called tcp/ip patch because a lot of people seem to label it as snake oil and the more i read, the more convinced I am becoming.
    • ==> Can you help me find something that will address point #4. I need to know exactly when this darn 4226 actually kicks in. Until I can do that, all efforts probably will be in vain. For some reason i feel that this will be the key!
    • When the 4226 warning occurs the next time (and i know it will; maybe within the next 60 minutes) what do I do? Run the netstat -anb command and look for SYN_SENT rows. Then what?
    • ==> Could the problem be due to some Service which is currently set in auto mode and instead should be in manual or disbaled mode?

    Thanks for your help so far and will be looking forward to your kind help after you have read and analyzed this particular post.
  8. jobeard

    jobeard TS Ambassador Posts: 12,742   +1,489

    I think that avoiding Tweaks is a good policy.

    Instead of the nbtstat, use (from an admin) run->fsmgmt.msc
    (you can also use runas on a shortcut to the Command Prompt and 'borrow' the admin id
    and then enter fsmgmt.msc)

    The Shares or Sessions will lead you to discover connections that lead to the 4226 event.
  9. morland

    morland TS Rookie Topic Starter Posts: 48

    Thank you for the tip jobeard. I'm sure it will come in handy the next time the 4226 event warning pops up.

  10. tipstir

    tipstir TS Ambassador Posts: 2,842   +193

    Do you want to tweak the TCP.SYS? Change the default 10 to 100. If you router can do 200 max connections then the PC should be set to 100 along with the software you'll be using with it has to be set to 100. Now to change this I use:

    Universal Tcpip.sys Patch, V1.2 Build 20090409

    I've applied the above (which is so easy to use) backups the old TCP.SYS first. Anyway I've applied that patch to XP SP3, Server 2003, Vista SP2, Server 2008 Enterprise (I know), Windows 7 32/64-bit Ultimate
  11. morland

    morland TS Rookie Topic Starter Posts: 48

    Thanks for the suggestion tipstir but I think I'll be staying away from the temptation. Appreciate your help and suggestion though.

  12. tipstir

    tipstir TS Ambassador Posts: 2,842   +193

    Well it's there if you want it. I using it on Windows 7 Ultimate 64-bit and Vuze / Peer Block without issues. My down on average is 3.83mb/s a second ago. There is youtube video from me on ESR-9850 Gig/N/AP/WDS Router which I using/testing since it can do 19,700 connections for P2P. Plus it has a Smart NAT and Hardware Network Engine. Through-put on Gig is excellent. Anyway video is below:

  13. LookinAround

    LookinAround Ex Tech Spotter Posts: 6,430   +186

    Hi Morland

    First i'll refer you back to part of my original post
    Point being: whether you're tweaking your system or simply want to create reliable "checkpoint" backups of your hard drive to fall back to a "good known" state, there's many advantages as well as "peace of mind" in getting used to creating disk image backups of your HD. And IMHO a $50 USD investment in a versatile backup tool like Acronis is well worth the price in for data / system reliability and peace of mind (where it can do disk image backups as well as provide file/folder type recovery. Also providing for full or incremental backups and data compression)

    Tweaking your computer can be fun (as well as educational) if you know you have a disk image backup to fall back on!

    /* edit */
    And is worth to note, System Restores can be helpful but are not substitutes for System backups. Use System restores for convenience but never rely on them to get you out of serious trouble. (i.e. they're never guaranteed to work)

    /* edit 2*/
    btw.. if you happen to have a WD internal drive, there's even a free version of Acronis True Image available!
  14. tipstir

    tipstir TS Ambassador Posts: 2,842   +193

    The tool above does backup the TCP.sys as TCP.bak before it make changes. You can scale from 0 to etc. I won't max out the PC in max connections based on the router. Most P2P software won't go higher than 100 for max connections. 80 to 100 is safe to set your system. If you go higher then through-put over the network will suffer on other PCs. Windows 7 has most tweaks enabled if you use the netsh int tcp show global under the command prompt. This will show what's enabled and what is not.
  15. morland

    morland TS Rookie Topic Starter Posts: 48

    1. Thanks for the continued help and guidance LookinAround. I have recently started using Norton Ghost v 12 (I know it's old and probably not even close to what Acronis offers but it's kind of easy to use. However and now that I have learned about how to make and use hd images, I can always play around (for the sake of learning)
    2. @tipstir: Can I please request your opinion regarding how you rate your proposed patch/solution versus what the author of another patch claims (pls see the link in the next bullet)
    3. http://www.mydigitallife.info/2008/...tcher-for-x86-and-x64-windows-7-vista-and-xp/
    4. @tipster: Out of curosity - does your patch work for XP. I may have misread but it appears to work only for Vista and Windows 7
    5. Or the solution which this person offers ===> http://www.lvllord.de/

    Waiting for your comments.
  16. tipstir

    tipstir TS Ambassador Posts: 2,842   +193

    I've been since XP SP2, XP SP3 Server 2003 Standard, Enterprise, Server 2008 Enterprise, Windows 7 Ultimate 32-bit and Windows 7 Ultimate 64-bit.

    By default the TCP.SYS Limited Connections is set to 10 XP SP1 had no limit. XP SP2 and SP3 and all the OS Client and Server suffer from the limit of 10 connections. You can see for yourself by using TCP-Z. TCP-Z can change the connections rate, but I won't use that program. That program is good for monitoring the connections. Best one to use to patch is Universal patch is better. It detects your version of the OS Client or Server backups the original TCP.SYS then replaces it with the one you have configured. In my example my max connections is 200 backup is 10

    The file has x86 = 32-bit OS like XP and up to 7
    The file also has x64 = 64-bit OS

    Not hard to use.

    It tells you on the site it supports
    TCP Half Open Limited Patcher & Monitor
    Supports: Windows XP SP2 SP3 /2003 /2008 /Vista SP1 SP2/Windows 7, All 32bit(x86)/64bit(x64)
Topic Status:
Not open for further replies.

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...