Windows 2000 Tips &
Tweaks - TCP/IP Broadband Tweaks
BIOS Settings | E-Mail
Tweak | Enhancing
Performance with two disks | Explorer Tweaks
| Full Guide to OS Dual Booting
| Game Tuning Guide for Win NT / 2000 | Hardware
Spec tweaks | Internet Explorer Tweaks | Misc Tips | System
Speedup Tweaks | Removing Unused Windows
Components | Security | Links
< Back to Main
Site >
< Windows 2000 Tips & Tweaking Guide created by Michael
and reprinted with permission >
______________________________
Reduce Network Delay
Increase Network Performance
Setting Up a Name Caching Only Name
Server
Turn Off/On Connection Ghosting
SpeedUp Viewing of WinME or Windows 98 Shares From Win2K
Machine
These are the only TCPIP Tweaks you need for Win2k, it is very good at regulating
network performance
in most areas.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"TcpRecvSegmentSize"=dword:000005b0
"KeepAliveTime"=dword:0015f900
"BcastQueryTimeout"=dword:000002ee
"BcastNameQueryCount"=dword:00000001
"CacheTimeout"=dword:0000ea60
"Size/Small/Medium/Large"=dword:00000003
"LargeBufferSize"=dword:00001000
"SackOpts"=dword:00000001
"TcpWindowSize"=dword:0003ebc0
"Tcp1323Opts"=dword:00000003
"DefaultTTL"=dword:00000040
"EnablePMTUBHDetect"=dword:00000000
"EnablePMTUDiscovery"=dword:00000001
"GlobalMaxTcpWindowSize"=dword:0003ebc0
Also add this one manually to the registry. Note: Your Individual Interface numbers may differ.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\
{28DCE469-81E3-4E4D-BE67-2453791F1939}]
"MTU"=dword:000005dc
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\
{296D28F3-BDAC-4382-9F7E-8088AF7CB75D}]
"MTU"=dword:000005dc
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\
{7B97A161-9813-4D59-A068-0457917E5BAF}]
"MTU"=dword:000005dc
Reduce Network Delay
When TCP/IP network activity is light, delays may be encountered with the default request
buffer size (4356 decimal).
The range of this parameter is 512 - 65536 bytes. Testing has shown that, in most standard Ethernet environments, 14596 (decimal) is a better choice, if the memory is available. Edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters
and Add Value name SizReqBuf as a type REG_DWORD. Restart the computer.
Increase Network Performance
If you increase the number of buffers that the redirector reserves for network performance, it may increase your network throughput. Each extra execution thread that you configure will take 1k of additional nonpaged pool memory, but only if your applications actually use them. To configure additional buffers and threads, edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters
Modify or Add Value of type REG_DWORD for:
MaxCmds The range is 0 - 255 and the default is 15
MaxThreads Set it to the same value as MaxCmds
You may also want to increase the value of MaxCollectionCount. This REG_DWORD is the buffer for character-mode named pipes writes. The default is 16 and the range is 0 - 65535.
Setting Up a Name Caching Only Name Server
www.xxxxx.com is used as a non-existent site, as an example.
Good old dry theory
1.1 Introduction
The internet is going thru an evolution; faster pc's, more reliable connections etc... But the greatest evolution are the capacity of the lines. What were telephone line are now ISDN lines or cable modems. But there are still people (unfortunate people like me) who have such a sloppy telephone line, which is sloooooow. So people are beginning to search ways to speed up their connection. There are tools like download managers, tools that download the underlying pages of a visited web site in idle times. And so there are many ways that go to adjusting the hardware of your modem.
Like you all see the software is either Windows based or lets you fuck up your hardware. This way is for Linux and is so easy even a Windows user could do it :P
There is also an explanation on how to do the exact same thing under Windows.
1.2 Who should be reading this document, requirements
Everyone who wants to speed up their (modem) dial-up account by some seconds. And want to do this in five minutes (if not less).
If you have questions regarding this tutorial, please make sure you've already read at least some of the basic networking tutorials at http://blacksun.box.sk/.
Information on how to do the same thing under Windows can be found at the bottom of the tutorial.
Requirements
A computer
A connection to the internet
Linux up and running
named (1) installed *
5 minutes of time
Some spare change for me (*grin*)
* named is the nameserver package, this is standard and the most common Linux distrubutions should bring it.
1.3 What does a nameserver do?
What does a nameserver do ? Well, suppose you are dialed in with you ISP and you wish to go to www.xxxxx.com. You open up you browser and type in the address field http://www.xxxxx.com, you press enter and wait until xxxxx.com appears. Simple, isn't it ? Let's look behind the scenes to find out what's really going on in there.
[The flexibility of the Domain Name System is endless, and by all means this isn't supposed to be a complete study of it, so if you find anything specific you want to know about i suggest you can look through RFC-1034 and RFC-1035 for the answer -ed]
Your computer gets the request to connect to www.xxxxx.com, but what is www.xxxxx.com ? Well it the alias of a computer (which has an ip) and has an httpd daemon running (on port 80).
Your computers checks if that site isn't running on your own computer or on you local network. So it checks your /etc/hosts file (which has you local intranet information) or it checks a local nameservers referred to from /etc/resolv.conf. By the way, this is a good time to mention that DNS stands for Domain Name System.
The file /etc/resolv.conf should look something like this.
nameserver 123.123.123.123
This is the nameserver of you ISP. And when nothing can be found on the local intranet you computer will query this nameserver. (if this nameserver is unreachable the you'll get an error).
When this nameserver is reachable it will answer with an ip. If www.xxxxx.com is unknown to the nameserver it will query some other nameserver [In fact, there exists a large number of nameservers on the internet. For every domain there is (yahoo.com, box.sk), there are probably a couple of nameservers (a primary, and a secondary if not more). The root nameservers, the ones that hold all the information for .com's .org's .gov's and .net's etc. (Top Level Domains) are located at something called InterNIC, and this is where your query will end up if your ISP's nameserver doesnt have what you're asking for. The '.com' root nameserver at InterNIC will forward your query for www (.xxxxx.com) to the primary nameserver at xxxxx.com and from there you will get the correct ip address for www.xxxxx.com]
Once this ip (lets say 123.123.123.111) is known, you browser will try to establish a connection to 123.123.123.111:80 (this connection will be made by the standard routing procedure as can be viewed by typing route from a root shell.
Now the communication will be established, data will be transferred using the http protocol. So the nameserver simply translates www.xxxxx.com into an ip by quering its own database or querying other databases.
1.4 Whooow that sounds very cool!! So ?
Well suppose those seven steps take about 2 seconds (if you have a speedy connection and your ISP has a nameserver with almost no network traffic and if the ip is in the nameservers cache). So if this was an utopia it would take two seconds. So in these times it'll take a bit longer. In this tutorial we'll make something called 'a caching only nameserver'.
1.5 What is a caching only nameserver
Well, this is a special 'type' of nameserver. This is not intended to be the nameserver of your intranet. The only thing it does is to cache all names and ip's that are queried from the local network. The first time you query an ip, an other database has to be queried (isp). But any other time that query does not have to find place. It is on you own hard disk, so it doesn't consume any bandwidth, and site will come up some seconds faster on your screen which makes surfing a lot more FUN. You can say now what the hell are two seconds? Yes but how often do you go to a search engine ? How often do you go to you favorite site and further, how often doe you check your e-mail ? (once every 10 minutes is a Netscape default)
Here ends the theory, now you should be able to understand what a caching only nameserver does and how it can speed up you connection with a few seconds, now go ahead and type something.
2 The heck with, let me type something
2.1 named.conf
First we edit the general config file of the nameserver. The file is called /etc/named.conf and it should look like:
options {
directory "/var/named";
/* Some thing */
};
....
This first part of the file is the one that needs changes. For this you need to know the nameserver of your ISP (NOT the name but the IP ofcourse), you change the file to:
options {
directory "/var/named";
forwarders {
123.123.123.123;
123.123.123.124;
};
};
....
You've now simple said that an unknown query has to be forwarded to the ip's above. If the first is not reachable the second one will be tried.
2.2 Changing the nameserver
In fact you have now an up and (almost) running nameserver. There is just one little detail you have to take care of, that's the fact that your computer doesn't recognize / will use you nameserver yet. You have to edit /etc/resolv.conf . And you should edit the file so it'll look like:
# nameserver 321.321.321.321
nameserver 127.0.0.1
The first line was your original nameserver, just comment this (you never know ...) and then you add the line nameserver 127.0.0.1 this just says that queries no longer have to be forwarded but can be answered by you OWN local nameserver.
2.3 Up and running
Now you just have to (re)start your nameserver with killall -HUP named . Then you check you logs ( /var/log/messages ) and hope they'll look like Nov 20 13:29:34 SaTaN named[692]: starting. named 8.2.1 Fri Sep 24 14:52:24 EDT 1999 ^Iroot@porky.devel.redhat.com:/usr/src/bs/BUILD/bind-8.2.1/src/bin/named
Nov 20 13:29:34 SaTaN named[692]: hint zone "" (IN) loaded (serial 0)
Nov 20 13:29:34 SaTaN named[692]: Zone "0.0.127.in-addr.arpa" (file named.local): No default TTL set using SOA minimum instead
Nov 20 13:29:34 SaTaN named[692]: master zone "0.0.127.in-addr.arpa" (IN) loaded (serial 1997022700)
Nov 20 13:29:34 SaTaN named[692]: listening on [127.0.0.1].53 (lo)
Nov 20 13:29:34 SaTaN named[692]: listening on [10.0.0.1].53 (eth0)
Nov 20 13:29:34 SaTaN named[692]: Forwarding source address is [0.0.0.0].1025
Nov 20 13:29:34 SaTaN named: named startup succeeded
Nov 20 13:29:34 SaTaN named[693]: Ready to answer queries.
Nov 20 13:29:34 SaTaN named[693]: sysquery: sendto([123.123.123.123].53): Network is unreachable
If you see a last line, like mine, don't worry about it. It means you are not yet connected to the internet. When you get some erros, it means that you have not edited you config file properly so you have check it again. (hint: check if all the ; are in place and every { is closed with an } )
2.4 You don't believe me ?
Ok, for everyone who doesn't believe me ...
[root@SaTaN /] nslookup www.iwanttoquerythis.com
Server: localhost
Address: 127.0.0.1
Name: www.iwanttoquerythis.com
Address: 123.123.123.321 ... other ip's ..
Aliases: If available ...
This was the first query and a request was sent to the nameserver mentioned in the config file. For this far you know you nameserver can forward addresses. It's a start.
[root@SaTaN /] nslookup www.iwanttoquerythis.com
Server: localhost
Address: 127.0.0.1
NON-AUTHORITIVE ANSWER
Name: www.iwanttoquerythis.com
Address: 123.123.123.321
Aliases: ...
Cool, it says Non-authoritive answer. What does it means ? Well, it just wants to say that for that answer there was no need to forward the request, cool huh ?
2.5 And here's another way to do it
You can also manage your local DNS database by yourself! Simply add lines to the /etc/hosts file that will look like this:
IP-address hostname #comment
For example:
1.2.3.4 www.some-website.com #just another stupid website
In case you're wondering, you don't HAVE to put the comment... :p
Oh, by the way, this method is inferior because you have to enter IPs and hostnames by yourself... ouch...
2.6 Local DNS cache under Windows
Hello, poor Windows users. Want to make yourself a nice local DNS cache? Too bad, 'cause you can only use the method described in chapter 2.5, only you will be using c:\windows\hosts (not to be confused with c:\windows\hosts.sam, which is a sample file for c:\windows\hosts) instead of /etc/hosts. If you don't wanna do this manually, you could try and find a program called FastNet, which will scan your browser's bookmarks and history database and automatically add every URL you visit to this database, and will also let you add entries manually.
The End
You should be able to put up you own caching only nameserver. - Courtesy GoMoRRaH.
Turn Off/On Connection Ghosting
Windows uses Ghosted connections for when a user doesn’t need or want an actual connection until there is a need for the connection to be utilized. Once the user uses the connection, Windows NT/2000 will make the necessary connection. In some instances, this technique can cause problems; for example, there will be a delay the first time that an inactive, ghosted connection is used.
To turn off the ghosting and eliminate the initial delay when connecting perform the following:
Start the registry editor (regedit.exe)
Move to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\NetworkProvider
From the edit menu select New - DWORD value
Enter a name of RestoreConnection and press Enter
Double click the new value, set to:
0 - Windows NT/2000 will ghost the connections
1 - Windows NT/2000 will not ghost the connections. Windows will restore connections when the user logs in
Click OK
Close the registry editor
Restart the computer. -Courtesy John Savill
SpeedUp Viewing of WinME or Windows 98 Shares From Win2K Machine
When Win2K attempts to browse shares on a Windows Me or Win9x machine, it also checks for scheduled tasks that are enabled on the machine. Disabling this check speeds the browsing. Perform the following steps:
Start regedit.exe.
Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RemoteComputer\NameSpace.
Right-click {D6277990-4C6A-11CF-8D87-00AA0060F5BF}, and select Delete.
Click Yes to the confirmation.
Close regedit. – Courtesy John Savill
______________________________