Tassadaru

Event id 4226

81 posts in this topic

Greetings.

I am continuously receiving an event id 4226 error and my whole internet sometimes locks up, leaving all established connections alive, but giving permission denied to new attempts. I don't know how to make this not happen again, it's starting to drive me nuts. I've set my torrent client to do max 4 halfopen connections per second and max 2 new connections per second, but it keeps crashing my internet. I would love to see a fix for this thing, since every time this happens, my internet stops. All established connections work, while all new attempts get a permission denied. Please help me. Thank you.

0

Share this post


Link to post
Share on other sites

I posted something about this in the Vista Tweaks and Tips section, explaining what this event really is. See this post: About Event 4226

There is no fix for it because nothing is really wrong, its by design. The event is reported because its simply trying to tell you a limit was reached. As I post this reply I have 46 active connections going for various things and i'm able to establish new connections with no problem. Have you made any alterations to your TCP/IP stack, especially any changes that are supposed to 'tweak' your connection from any of the connection tweakers like the popular for XP cablenut tweaker...if you did you need to dump those changes, contrary to popular belief they don't actually help your connection at all in Vista. Have you disabled AutoTuning...if so re-enable it. Then see what happens. BTW, some torrent clients actually have more connections going in the backgroud then what the client shows, and some of them hold onto timed out connections (which should be available to you to make new connections with) and report them to the stack as active when they really aren't. Actually while some look like it, or say they 'work in Vista' I don't think many of them actually report accurately to Vista for the actual number of connection and the actual status of timed out connections.

Greetings.

I am continuously receiving an event id 4226 error and my whole internet sometimes locks up, leaving all established connections alive, but giving permission denied to new attempts. I don't know how to make this not happen again, it's starting to drive me nuts. I've set my torrent client to do max 4 halfopen connections per second and max 2 new connections per second, but it keeps crashing my internet. I would love to see a fix for this thing, since every time this happens, my internet stops. All established connections work, while all new attempts get a permission denied. Please help me. Thank you.

Edited by Spooky
0

Share this post


Link to post
Share on other sites

I have not made any alterations to my windows box, since none was needed and there were none I could find. I didn't enable or disable anything. It's just that I hate it when my internet locks up and no new connections can be made. It's really annoying especially when you need to do something quick. tcpip.sys is the original, sometimes the error appears and does nothing, sometimes the whole **** net freezes. That's what I want to avoid. The internet freezing part. Everything that is connected remains connected without a problem, what is not, can't establish a new connection and gets Permission denied. Please tell me or advise me what to do about the permission denied part, since I'm really considering burning vista and kicking it to a trashcan. My tcpip.sys file is version 6.0.6000.16386 size 784 KB (802,816 bytes). Please give some feedback on what CAN I do for the internet just not stop, even if it slows down. What can be causing theese lockups? Thanx!

0

Share this post


Link to post
Share on other sites

i had the this same exact problem. in order to resolve this, they say you have to disable spi in your router. it has something to do with vista's tcp window scaling not being compatible with most routers. although sometimes that doesn't fix it completely.

for my router (linksys rv042), i had to disable the router firewall completely and i no longer have connection problems. try either one and see if it works for you.

as soon as linksys updates their firmware for the rv042 to support tcp window scaling, i should be able to enable the firewall again.

0

Share this post


Link to post
Share on other sites

Thanks for the advice but I don't use a router. My connection is cable modem based, using a Scientific Atlanta Webstar 2000 Series cable modem through nVidia nForce Networking Controller (nForce4), since the modem doesn't have drivers for vista rtm so I can plug it in the USB and worry no more (maybe). So no routers are present in my configuration, just the vista default config of firewall, that ALLOWS utorrent (that may be causing the problems) to connect as he wishes. I narrowed down the uTorrent configuration options to net.max_halfopen to 4 and net.connect_speed to 5, so the max half-open connections that uTorrent will attempt is 4, and the maximum connections per second that uTorrent will do are 5. That will slow things down, I know, but may be a temporary fix until something good comes along and a patch to tcpip.sys is released. But I don't know how to disable the net lockup part. What's causing that? I see nothing in my logs, about some component of vista restricting one of my running apps, it just... freezes, and what's connected remains connected, what not, ... tough luck!

Any more ideas?

i had the this same exact problem. in order to resolve this, they say you have to disable spi in your router. it has something to do with vista's tcp window scaling not being compatible with most routers. although sometimes that doesn't fix it completely.

for my router (linksys rv042), i had to disable the router firewall completely and i no longer have connection problems. try either one and see if it works for you.

as soon as linksys updates their firmware for the rv042 to support tcp window scaling, i should be able to enable the firewall again.

0

Share this post


Link to post
Share on other sites

Well then, you may have found your problem...maybe. Some versions of the Nvidia nForce controller have problems with spi, the Vista firewall its self has a little problem with spi (that will be fixed in SP1). However, while the Vista firewall has a slight problem with spi I don't think its causing your problem. Take a closer look at the Nvidia (are you using any beta drivers from Nvidia?), try using a different NIC...also...the Scientific Atlanta cable modems might be having some issues with spi (because cable modems are basically routers).

Of course, all these are guess's at this point. Its hard to trouble shoot a problem unless your looking at the entire system. Also it depends if your running the RTM or one of the previous builds prior to RTM. Builds prior to RTM had the issues you describe with the 'lockup' part.

These are just suggestions for you.

Thanks for the advice but I don't use a router. My connection is cable modem based, using a Scientific Atlanta Webstar 2000 Series cable modem through nVidia nForce Networking Controller (nForce4), since the modem doesn't have drivers for vista rtm so I can plug it in the USB and worry no more (maybe). So no routers are present in my configuration, just the vista default config of firewall, that ALLOWS utorrent (that may be causing the problems) to connect as he wishes. I narrowed down the uTorrent configuration options to net.max_halfopen to 4 and net.connect_speed to 5, so the max half-open connections that uTorrent will attempt is 4, and the maximum connections per second that uTorrent will do are 5. That will slow things down, I know, but may be a temporary fix until something good comes along and a patch to tcpip.sys is released. But I don't know how to disable the net lockup part. What's causing that? I see nothing in my logs, about some component of vista restricting one of my running apps, it just... freezes, and what's connected remains connected, what not, ... tough luck!

Any more ideas?

i had the this same exact problem. in order to resolve this, they say you have to disable spi in your router. it has something to do with vista's tcp window scaling not being compatible with most routers. although sometimes that doesn't fix it completely.

for my router (linksys rv042), i had to disable the router firewall completely and i no longer have connection problems. try either one and see if it works for you.

as soon as linksys updates their firmware for the rv042 to support tcp window scaling, i should be able to enable the firewall again.

0

Share this post


Link to post
Share on other sites

actually, cable modems aren't really routers. only dsl modems act as routers.

i'm currently using utorrent and emule with 4 half-open connections for utorrent and 4 half-open connections for emule. i'm getting the 4226 event id only once a day. but it doesn't kill my net connection. double check your other apps to see if they aren't hogging your half open connections.

and if you still are having problems, the last thing you can do to try to resolve your net problems is to turn of vista's auto tuning.

Turning off auto-tuning is a simple command line command (running with Admin rights):

netsh interface tcp set global autotuninglevel=disabled

and to enable again:

netsh interface tcp set global autotuninglevel=normal

0

Share this post


Link to post
Share on other sites

10 half-open concurrent connections is too little in todays world..

30 - bearable, 50 - why not, 100 - just perfect, 10 - ffs, it's not 1980

0

Share this post


Link to post
Share on other sites

your right, its not 1980, if it was 1980 the hacker idiots wouldn't be exploiting everything they could. As it is, its the way it is because of those hacker idiots who produce the stuff that takes advantage of a generous allowance of more then the current limit.

10 half-open concurrent connections is too little in todays world..

30 - bearable, 50 - why not, 100 - just perfect, 10 - ffs, it's not 1980

0

Share this post


Link to post
Share on other sites

Well, if you want, I can generate a report for you and you could see what's on my system. Anyways, I'm running Windows Vista Professional 6.0 (Build #6000).

My specs (short) are: OS: Windows Vista Professional 6.0 (Build #6000) CPU: AMD Athlon 64 3500+, 2.50 GHz, 512KB Video: NVIDIA GeForce 7600 GT (1024x768x32bpp 75Hz) Sound: Speakers (NVIDIA nForce Audio) Memory: Used: 488/1023MB Uptime: 7m 32s HD: Free: 54.42 GB/298.10 GB Connection: NVIDIA nForce Networking Controller @ 100.0 Mbps (Rec: 14.56MB Sent: 8.09MB).

The drivers I'm using are from Microsoft Update, since they installed at the first update. So they're WHQL signed, and Microsoft trusts them and tested them. And no apps in the background that could be making other connections. mIRC and Yahoo Messenger are connected, but they're in ESTABLISHED state. I don't know what to do...

0

Share this post


Link to post
Share on other sites

Well I have changed the adapters between them, as a little try of resolving my problems:

I forgot to mention I have two adapters in my Computer:

1. nVidia nForce networking controller (inet connection with ics enabled)

2. Realtek RTL8319/810x Family Fast Ethernet NIC

The net got to my computer through nVidia Network and then got to my mom's pc through Realtek.

I changed the roles, now the net comes through Realtek and goes to my mom's through nVidia.

Maybe this will help, I dunno. I also got a "patched" (or so he said) tcpip.sys from a friend who said that there limit in that .sys is patched. I don't know for that, but problems still arose after installing of the new .sys file. We'll see how it will behave in this configuration.

Anyways thank you all for trying to help!

0

Share this post


Link to post
Share on other sites
there's no patched tcpip.sys file for vista..

I don't know what to say, but I saw something in my logs today looking like this:

Log Name: Security

Source: Microsoft-Windows-Security-Auditing

Date: 12/25/2006 4:00:05 PM

Event ID: 5032

Task Category: Other System Events

Level: Information

Keywords: Audit Failure

User: N/A

Computer: DarkMind

Description:

Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.

Error Code: 2

Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

<System>

<Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" />

<EventID>5032</EventID>

<Version>0</Version>

<Level>0</Level>

<Task>12292</Task>

<Opcode>0</Opcode>

<Keywords>0x8010000000000000</Keywords>

<TimeCreated SystemTime="2006-12-25T14:00:05.847Z" />

<EventRecordID>898</EventRecordID>

<Correlation />

<Execution ProcessID="612" ThreadID="3380" />

<Channel>Security</Channel>

<Computer>DarkMind</Computer>

<Security />

</System>

<EventData>

<Data Name="ErrorCode">2</Data>

</EventData>

</Event>

What to do? What is happening?

0

Share this post


Link to post
Share on other sites

"Description:

Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network."

Specifically: "Windows Firewall was unable to notify"

Did you disable UAC and defender? Both of these need to be on to receive notifications from the firewall.

there's no patched tcpip.sys file for vista..

I don't know what to say, but I saw something in my logs today looking like this:

Log Name: Security

Source: Microsoft-Windows-Security-Auditing

Date: 12/25/2006 4:00:05 PM

Event ID: 5032

Task Category: Other System Events

Level: Information

Keywords: Audit Failure

User: N/A

Computer: DarkMind

Description:

Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.

Error Code: 2

Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

<System>

<Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" />

<EventID>5032</EventID>

<Version>0</Version>

<Level>0</Level>

<Task>12292</Task>

<Opcode>0</Opcode>

<Keywords>0x8010000000000000</Keywords>

<TimeCreated SystemTime="2006-12-25T14:00:05.847Z" />

<EventRecordID>898</EventRecordID>

<Correlation />

<Execution ProcessID="612" ThreadID="3380" />

<Channel>Security</Channel>

<Computer>DarkMind</Computer>

<Security />

</System>

<EventData>

<Data Name="ErrorCode">2</Data>

</EventData>

</Event>

What to do? What is happening?

0

Share this post


Link to post
Share on other sites

I disabled UAC, but not defender. Anyways, I don't want UAC since I want to run all of my programs as administrator, I know it's risky but I hate always pressing the As administrator button and so on, anyways, is what's causing the internet lockups? If yes, what do I need to do? It doesn't just block ONE application, it blocks ALL applications from whatever connection they're wanting to attempt, and leaves the applications already connected alone. I just want to fix this. My patience is getting out of hand here, since I am really beginning to get annoyed by this stupid lockup. Please tell me if I can do something to avoid the lockups or not. Thank you.

PS: It doesn't restrict the application to accept incoming connections. It restricts all aplications from accepting or making new connections.

Edited by Tassadaru
0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.