Actually the limit is a little bit different. It does not limit the number of connections per second directly. Although the change does ultimately have the effect of limiting the connections per second, it becomes a factor of the rate at which machines can establish a session.
The actual change is to limit the number of sessions in TCP "SYN_SENT". A session in SYN_SENT is a session that has generated a TCP <SYN> packet in an attempt to build an established TCP session. All subsequent packets will also have the <ACK> bit set. Once the <ACK> bit has been set, as it will be by the first packet returned from the intended host, it is no longer in SYN_SENT and is no longer subject to the 10 count limit.

To see how many sessions are in this state on a WinTel box, type "netstat" at a command prompt. You will be presented with a list of all TCP sessions and the state that they are in. Below is an example of a session in SYN_SENT.

TCP MYMACHINE-2:3223 192.168.2.6:2492 SYN_SENT

Rant in summary; if a connection is established quickly it will get out of the way and allow another connection to queue. If connections are built slowly, the rate will be retarded.

--
J. Eric Josephson
Director of Network and System Operations
978-720-2159
mailto:[EMAIL PROTECTED]

"Gustavo D. Villarreal" <[EMAIL PROTECTED] com.mx>
Sent by: [EMAIL PROTECTED] i.it
01/04/2005 04:57 PM
Please respond to ntop; Please respond to dvillarreal
To: <[email protected]>, <[EMAIL PROTECTED]>
cc:
Subject: RE: [Ntop] OT:test network connection limit

Is this a Windows XP with Service Pack 2 system? SP2 has a new security 'feature' that will limit the amount of connections you can generate per second to 10. For more info and a patch try this link:

http://www.speedguide.net/read_articles.php?id=1497

Gustavo D.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Max Waterman
Sent: Tuesday, 04 January 2005 02:11 a.m.
To: [email protected]
Subject: [Ntop] OT:test network connection limit

Hi,

Would anyone be willing to do me a favour and write me a short script that will test the number of successful connections I can make from my machine to any machine on the internet?
The network programming skills I learned at school have fallen by the wayside :(

The problem is that I seem to only be able to make 10 connections to the internet, and my ISP claims that they make no restrictions that should have this effect. For example, if I set up a bittorrent client to only allow 10 connections, it will stop anything else (web browser, etc etc) that connects over the internet.

I suspect there are one or two people on this list that could knock something like this off in a couple of seconds...probably best if it'll run on Windows without having to install anything :|

I wonder what I could write it in....I've never programmed a Windows box :(

I suppose that last smilie should be a :)

Max.

_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
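
The netstat check described in the first reply of this thread, as an added example that is not part of the original messages: it parses `netstat -n` output, counts sessions per TCP state, and reports whether the number in SYN_SENT has reached the 10 count limit the reply mentions. The function names and the sample table are constructed for illustration.

```python
import re
import subprocess
import sys
from collections import Counter

# Limit on simultaneous SYN_SENT sessions, as stated in the thread above.
SYN_SENT_LIMIT = 10

# One TCP row of netstat output: protocol, local address, remote address, state.
ROW = re.compile(r"^\s*TCP\s+(\S+)\s+(\S+)\s+([A-Z_0-9]+)\s*$")

def parse_netstat(text):
    """Return (local, remote, state) for every TCP row; other lines are skipped."""
    return [m.groups() for m in map(ROW.match, text.splitlines()) if m]

def syn_sent_report(text, limit=SYN_SENT_LIMIT):
    """Summarise sessions still waiting for the first reply to their SYN."""
    rows = parse_netstat(text)
    pending = [remote for _, remote, state in rows if state == "SYN_SENT"]
    return {
        "states": dict(Counter(state for _, _, state in rows)),
        "syn_sent": len(pending),
        # At the limit, further outbound attempts wait for a slot to free up.
        "at_limit": len(pending) >= limit,
        # Pending attempts per remote host (port stripped).
        "pending_remotes": Counter(r.rsplit(":", 1)[0] for r in pending),
    }

# Constructed sample table (not captured from a real machine).
SAMPLE = "\n".join(
    ["Active Connections", "",
     "  Proto  Local Address          Foreign Address        State"]
    + [f"  TCP    MYMACHINE-2:{3200 + i}       192.168.2.{i + 1}:6881       SYN_SENT"
       for i in range(10)]
    + ["  TCP    MYMACHINE-2:3300       192.168.2.50:80        ESTABLISHED",
       "  TCP    MYMACHINE-2:3301       192.168.2.51:80        TIME_WAIT"]
)

if __name__ == "__main__":
    text = SAMPLE
    if "--live" in sys.argv:  # read the real connection table instead
        text = subprocess.run(["netstat", "-n"],
                              capture_output=True, text=True).stdout
    report = syn_sent_report(text)
    print(report["states"])
    print(f"SYN_SENT: {report['syn_sent']} of {SYN_SENT_LIMIT}, "
          f"at limit: {report['at_limit']}")
```

Run without arguments it reports on the constructed sample; with `--live` it reads the local machine's table.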
