Explicit Congestion Notification (ECN) slows down outbound connections

ECN Capability in Windows Server 2012: Windows Server 2012 is the first Windows Server version to enable Explicit Congestion Notification, or ECN, in the TCP stack. This is also known as ECN Capability. Explicit Congestion Notification is an extension to the Internet Protocol and to the Transmission Control Protocol and is defined in RFC 3168. ECN allows end-to-end notification of network congestion without dropping packets.

ECN is an optional feature that may be used between two ECN-enabled endpoints when the underlying network infrastructure also supports it.

Outdated Network Equipment Dropping Packets that have ECN Bits Set #

Unfortunately, rather than responding properly or ignoring the bits, some outdated or faulty network equipment drop packets that have ECN bits set. This slows down your outbound connections, because packets needs to be retransmitted without ECN bits. As retransmission intervals increase, it may take up to 10 seconds before a connection is made.

Until most network equipment supports ECN bits in packets, my advise is to disable ECN on Windows Server 2012 (R2) server. This is easily done with netsh:

Disable Windows Server Explicit Congestion Notification (ECN) capabilities #

You may choose to disable Explicit Congestion Notification support on Windows Server 2012 if you experience slow outbound connections. Connections with up to a 10 second delay.

I thought you might find this interesting:   7 Tips: .htaccess as Web Application Firewall (WAF) to secure your website

Here is how to disable ECN Capability using netsh. A reboot is not required.

First verify ECN Capability is enabled. Look for “Enabled” in the command output from

netsh interface tcp show global

If ECN Capability is enabled, you can disable it:

netsh interface tcp set global ecncapability=disabled

A reboot is not required.

Enjoy your fast(er) outbound connections from now on! However, you might still need to tune the Windows TCP/IP stack for high performance websites too.

A note on Windows TCP AutoTuningLevel: Like all modern operating systems Windows has receive window auto-tuning to dynamically adjust the receive buffer size to the throughput and latency of the link. Disabling this feature will definitely limit your Internet speeds. Auto-tuning is consistent throughout all variants of TCP and present in all modern operating systems. Read An Update on Windows TCP AutoTuningLevel for more information.

Please Support Saotn.org

Each post on Sysadmins of the North takes a significant amount of time to research, write, and edit. Therefore, your donation helps a lot! For example, a donation of $3 U.S. buys me a cup of coffee, and as you know: things jsut work better with coffee. A $10 U.S. donation buys me one month of web hosting (yes, hosting costs money). But seriously, thank you for any amount. Much appreciated!

Please donate to support this site if you found a post interesting or if it helped you solve a problem. Thanks! (Tip: no Paypal account required)

If you appreciated this post, then please donate using this Paypal button

Jan Reilink

My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, websites & optimization.

Leave a Reply

Be the First to Comment!

Hi! Join the discussion, leave a reply!