The following keys specify parameters for the kernel mode driver Afd.sys. Afd.sys is used to support Windows sockets applications. All of the keys and values in this section are located under the registry key HKLM\System\CurrentControlSet\Services\AFD\Parameters . These keys and values are:
Value: EnableDynamicBacklog
Recommended value data: 1
Valid values: 0 (disabled), 1 (enabled)
Description: Specifies AFD.SYS functionality to withstand large numbers of SYN_RCVD connections efficiently . For more information, see "Internet Server Unavailable Because of Malicious SYN Attacks," at http://support.microsoft.com/default.aspx?scid=kb;en-us;142641.
Value name : MinimumDynamicBacklog
Recommended value data: 20
Valid values: 0 “4294967295
Description: Specifies the minimum number of free connections allowed on a listening endpoint. If the number of free connections drops below this value, a thread is queued to create additional free connections
Value name: MaximumDynamicBacklog
Recommended value data: 20000
Valid values: 0 “4294967295
Description: Specifies the maximum total amount of both free connections plus those in the SYN_RCVD state.
Value name: DynamicBacklogGrowthDelta
Recommended value data: 10
Valid values: 0 “4294967295
Present by default: No
Description: Specifies the number of free connections to create when additional connections are necessary.
Use the values summarized in Table 4 for maximum protection.
Value Name | Value (REG_DWORD) |
---|---|
EnableDynamicBacklog | 1 |
MinimumDynamicBacklog | 20 |
MaximumDynamicBacklog | 20000 |
DynamicBacklogGrowthDelta | 10 |