Running Netsh on Windows 2008/Vista Causes Invalid Registry Entries to be Created
[Today's post comes to us courtesy of the Shawn Sullivan and Mark Stanfill]
A known issue exists in Vista and Windows Server 2008 where use of the netsh command to change global TCP/IP settings will cause invalid values to be written into the registry under ‘HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters’. An example of this behavior is found when you run “netsh in tcp set global autotuninglevel=disabled” . You will find the following highlighted values are configured incorrectly:
Invalid:
Meanwhile this same key from a default installation of SBS 2008 will look similar to this. Note: the only highlighted value that is configured by default is TcpTimedWaitDelay and it is set to 60:
Default:
We have seen send/receive issues with Outlook clients as a result of this. In this case, the Exchange BPA will issue a warning if the TcpTimedWaitDelay is anything other than 60:
Cleanup
Recovering from this problem is a two step process. First, to prevent the issue from reoccurring the next time you run netsh, install the hotfix from the following link. This hotfix is not included in Windows 2008/Vista SP2. It will not reverse incorrect values or make any changes to the key itself:
https://support.microsoft.com/kb/967224
You must then fix the invalid entries by restoring a backup of the ‘HKLM\System\CurrentControlSet\Services\Tcpip\Parameters’ key. If you do not have a backup, you can run the following powershell script to revert this key to a default configuration:
https://cid-d5fe25afb6c3615f.skydrive.live.com/self.aspx/.Public/NetshRegFix.ps1
Download this ps1 file to an easily accessible directory, such as c:\windows\temp. Open powershell as administrator and execute the script, substitute the path to the ps1 file as needed:
This script will make a backup of this key on your desktop in a folder called “TcpIpParametersBackup”, change TcpTimedWaitDelay to 60, and then delete the following values which will set them to their default configurations:
- DisableTaskOffload
- EnablePMTUBHDetect
- EnablePMTUDiscovery
- KeepAliveInterval
- KeepAliveTime
- Tcp1323Opts
- TcpFinWait2Delay
- TcpMaxDataRetransmissions
- TcpUseRFC1122UrgentPointer
You will need to reboot the machine after running the script.
More Information
The following whitepaper lists the default settings, descriptions, and valid ranges of the configurable TCP/IP registry values in Windows 2008/Vista:
https://download.microsoft.com/download/c/2/6/c26893a6-46c7-4b5c-b287-830216597340/TCPIP_Reg.doc
Note: There are some registry values from Windows Server 2003, such as “EnableRSS” and “EnableTCPChimney”, which are no longer used in Windows Server 2008. These settings are now only configurable in the using the netsh utility and on the properties of network adapters that support them. The following KB gives some examples of netsh commands:
Information about the TCP Chimney Offload, Receive Side Scaling, and Network Direct Memory Access features in Windows Server 2008
https://support.microsoft.com/kb/951037
Automating these settings
If you wish to automate disabling these settings for your SBS installations, they can easily be set using a combination of reg.exe and netsh. For example:
netsh int tcp set global rss=disabled
netsh int tcp set global chimney=disabled
Reg add HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableTcpa /t REG_DWORD /d 0 /f
Reg add HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v NetDMA /t REG_DWORD /d 0 /f