Netsh commands for Interface Transmission Control Protocol
Applies To: Windows Server 2008
The netsh interface TCP context contains the following commands in Windows Server® 2008:
add chimneyapplication
add chimneyport
delete chimneyapplication
delete chimneyport
reset
set global
show chimneyapplications
show chimneyports
show global
The following commands were added to the netsh interface TCP context in Windows Server® 2008 R2:
set security
show security
Interface TCP commands
The following sections provide details for each command.
add chimneyapplication
Sets the Transmission Control Protocol (TCP) chimney state for a particular application.
Syntax
add chimneyapplication [ state= ] disabled | enabled [ application= ] PathName
Parameters
- state
Required. Specifies one of the following values: disabled: Disables TCP chimney offload for application. enabled: Enables TCP chimney offload for application. Applies to new connections only.
- application
Required. Specifies the application name and path.
Examples
Following are two examples of the add chimneyapplication command.
add chimneyapplication disabled c:\path\database.exe
add chimneyapplication state=disabled application=c:\path\database.exe
add chimneyport
Sets the TCP chimney state for a source port, destination port pair.
Syntax
add chimneyport [ state= ] disabled | enabled [ localport= ] *| Integer [ remoteport= ] *| Integer
Parameters
- state
Required. Specifies one of the following values: disabled: Disables TCP chimney offload for the local port, remote port pair. enabled: Enables TCP chimney offload for the local port, remote port pair. Applies to new connections only.
- localport
Required. Specifies the source port. An asterisk (*) specifies all ports. To specify a specific port number, provide a value for Integer.
- remoteport
Required. Specifies the destination port. An asterisk (*) specifies all ports. To specify a specific port number, provide a value for Integer.
Examples
Following are two examples of the add chimneyport command.
add chimneyport disabled 10000 *
add chimneyport state=disabled localport=10000 remoteport=*
delete chimneyapplication
Deletes the application from the TCP chimney offload selection table.
Syntax
delete chimneyapplication [application=] ApplicationName
Parameters
- application
Required. Specifies the application name and path.
Example
Following are two examples of the delete chimneyapplication command.
delete chimneyapplication c:\path\database.exe
delete chimneyapplication application=c:\path\database.exe
delete chimneyport
Deletes the port entry from the TCP chimney offload selection table
Syntax
delete chimneyport [ localport= ] *| Integer [ remoteport= ] *| Integer
Parameters
- localport
Required. Specifies the source port. An asterisk (*) specifies all ports. To specify a specific port number, provide a value for Integer.
- remoteport
Required. Specifies the destination port. An asterisk (*) specifies all ports. To specify a specific port number, provide a value for Integer.
Examples
Following are two examples of the delete chimneyport command.
delete chimneyport 80 *
delete chimneyport localport=80 remoteport=*
reset
Removes all user configured settings and resets all TCP parameters to their default values.
Syntax
reset
set global
Sets TCP parameters that affect all connections.
Syntax
set global [ [ rss= ] disabled | enabled |default ] [ [ chimney= ] disabled | enabled | default ] [ [ autotuninglevel= ] disabled | highlyrestricted | restricted | normal |experimental ] [ [ congestionprovider= ] none |ctcp |default ] [ [ ecncapability= ] disabled | enabled | default ] [ [ timestamps= ] disabled | enabled | default ]
Parameters
- rss
Optional. Specifies one of the following values:
disabled: Disable receive-side scaling.
enabled : Enable receive-side scaling.
default : Restore receive-side scaling state to the system default.
- Chimney
Optional. Specifies one of the following values:
disabled: Disable Chimney offload.
enabled : Enable Chimney offload.
default : Restore Chimney offload state to the system default.
- autotuninglevel
Optional. Specifies one of the following values:
disabled: Fix the receive window at its default value.
highlyrestricted: Allow the receive window to grow beyond its default value, but do so very conservatively.
restricted: Allow the receive window to grow beyond its default value, but limit such growth in some scenarios.
normal: Allow the receive window to grow to accommodate almost all scenarios.
experimental: Allow the receive window to grow to accommodate extreme scenarios. WARNING: This can dramatically degrade performance in common scenarios and should only be used for research purposes.
- congestionprovider
Optional. Specifies one of the following values:
none: Use the built-in standard congestion control algorithm.
ctcp: Use the add-on Compound TCP congestion control algorithm.
default: Restore the selected provider to the system default.
- ecncapability
Optional. Specifies one of the following values:
disabled: Disable ECN Capability.
enabled: Enable ECN Capability.
default: Restore ECN Capability state to the system default.
- timestamps
Optional. Specifies one of the following values:
disabled: Disable RFC 1323 timestamps.
enabled: Enable RFC 1323 timestamps.
default: Restore RFC 1323 timestamps state to the system default.
Examples
Following are two examples of the set global command.
set global enabled enabled normal
set global rss=enabled chimney=enabled autotuninglevel=normal
set security
Sets TCP security using memory pressure protection, which can detect an attack that is creating a large number of TCP connections and is exhausting non-paged pool memory. For computers running Windows Server 2008 R2, memory pressure protection is enabled by default for all TCP ports; for computers running Windows® 7, memory pressure protection is disabled by default for all TCP ports. You can use this command to enable or disable memory pressure protection for a computer and for specific TCP ports or a range of ports.
Syntax
set securitympp={disabled|enabled|default} [**startport=**integer] [**numberofports=**integer] [profiles={disabled|enabled|default}]
Parameters
- mpp
Required. Determines the state of memory management protection for the computer if you do not specify a port or port range with the startport and numberofports parameters; otherwise, determines the state of memory pressure protection for the TCP port or range of TCP ports you specify.
disabled: disables memory pressure protection.
enabled: enables memory pressure protection.
default: applies only when you do not specify a port or range of ports and sets memory pressure protection to the system default.
Important
For any port or range of ports to use memory pressure protection, memory pressure protection first must be enabled on the computer. Memory pressure protection is enabled by default on Windows Server 2008 R2 and disabled on Windows® 7. Use the show security command to see the status of memory pressure protection for the computer.
- startport
Optional. Specifies the first TCP port in the range of TCP ports to which the setting applies. Acceptable values are in the range 0–65535.
- numberofports
Optional, required if startport is specified. Specifies the number of ports in the range of TCP ports to which the setting applies. Acceptable values are in the range 1–65535.
- profiles
Optional. Specifies whether memory pressure protection is sensitive to the network profile (also known as the network location): home network, work network, public network, or domain network.
disabled: memory management protection does not consider the location of a network when enabled and applies to all networks.
enabled: memory management protection considers the location of a network. It is enabled only on public networks and is disabled on home, work, and domain networks.
default:equivalent to the enabled setting.
Examples
The following example disables memory pressure protection on TCP port 443:
set security mpp=disabled startport=443 number of ports=1
The following series of commands enables memory pressure protection only on TCP port 443. The first command enables it for the computer, and the two subsequent commands disable it for all ports except TCP port 443:
set security mpp=enabled
set security mpp=disabled startport=1 numberofports=442
set security mpp=disabled startport=444 numberofports=65535
show chimneyapplications
Shows TCP Chimney application filters.
Syntax
show chimneyapplications [ [ level= ] normal | verbose ]
Parameters:
- level
Optional. Specifies one of the following values:
normal: Display the TCP connect IPv4 filters in the TCP chimney offload table. This is the default value.
verbose: Display filters for all events in the TCP chimney offload table.
show chimneyports
Shows TCP Chimney port filters.
Syntax
show chimneyports [ [ level= ] normal | verbose ]
Parameters:
- level
Optional. Specifies one of the following values:
normal: Display the TCP connect IPv4 filters in the TCP chimney offload table. This is the default value.
verbose: Display filters for all events in the TCP chimney offload table.
show global
Shows TCP parameters that affect all connections.
Syntax
show global [ [ store= ] active | persistent ] ]
Parameters
- store
Optional. Specifies one of the following values:
active: Show information in the stack (default).
persistent: Show persistent information.
show security
Shows memory pressure protection status (enabled, disabled, or default) for the computer, for profiles, and for port and port ranges as determined by the set security command. The first value shown is the computer setting (disabled, enabled, or default), the second is the profile setting, and this is followed by a list of any configured ports or port ranges.
Syntax
show security [store={active|persistent}]
Parameters
- store
Optional. If omitted, active is assumed.
active: Show the memory pressure protection status currently active in the computer.
persistent: Show the memory pressure protection status that applies after the computer restarts.