I have a windows 2003 server at a colocation facility that's encountering packet loss. The server is being used for game servers, so there's lots of traffic all the time.

Any suggestions on how i should optimize the connection (and at the same time remain secure against ddos, etc.)? The server is on a 100 Mbit port.

Also, here's my current settings:

[SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
TcpWindowSize=-1
GlobalMaxTcpWindowSize=-1
EnablePMTUDiscovery=-1
EnablePMTUBHDetect=-1
SackOpts=-1
DefaultTTL=-1
TcpMaxDupAcks=-1
Tcp1323Opts=-1
DisableUserTOSSetting=-1
DefaultTOSValue=-1
[SYSTEM\CurrentControlSet\Services\Afd\Parameters]
DefaultReceiveWindow=-1
[Software\Microsoft\Windows\CurrentVersion\Internet Settings]
MaxConnectionsPerServer=-1
MaxConnectionsPer1_0Server=-1
[SYSTEM\CurrentControlSet\Services\ICSharing\Settings\General]
InternetMTU=-1
[SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RemoteComputer\NameSpace\{D6277990-4C6A-11CF-8D87-00AA0060F5BF}]
{D6277990-4C6A-11CF-8D87-00AA0060F5BF}=-1
[SYSTEM\CurrentControlSet\Services\Dnscache\Parameters]
MaxNegativeCacheTtl=-1
NegativeCacheTime=-1
NetFailureCacheTime=-1
NegativeSOACacheTime=-1
[SOFTWARE\Policies\Microsoft\Windows\Psched]
NonBestEffortLimit=0
[SYSTEM\CurrentControlSet\Services\Tcpip\ServiceProvider]
LocalPriority=499
HostsPriority=500
DnsPriority=2000
NetbtPriority=2001
[System\CurrentControlSet\Services\LanmanServer\Parameters]
SizReqBuf=-1
[SYSTEM\CurrentControlSet\Services\NdisWan\Parameters\Protocols\0]
ProtocolMTU=-2
[SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D63AC0FA-D2C9-4D83-B057-31A353516AB3}]
MTU=-1
TcpWindowSize=-1
[SYSTEM\CurrentControlSet\Services\Psched\Parameters\Adapters\{D63AC0FA-D2C9-4D83-B057-31A353516AB3}]
NonBestEffortLimit=-2
[SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8190D94A-3B2D-45C4-998D-312E99D6061D}]
MTU=-1
TcpWindowSize=-1
[SYSTEM\CurrentControlSet\Services\Psched\Parameters\Adapters\{8190D94A-3B2D-45C4-998D-312E99D6061D}]
NonBestEffortLimit=-2

Oh and in case you need server specs, here they are too:

2x Dual Core Xeon (3Ghz, 667 FSB, 2MB L2 Cache)
2 GB Ram (Kingston)
Intel® (ESB2/Gilgal) 82563EB Dual-port Gigabit Ethernet Controller

I dont know what to do to optimize, i was going to use one of those tcp optimizer tools but it doesnt have settings for 100Mbit connections

Try these settings:

"TcpWindowSize"=dword:3EBC0
"Tcp1323Opts"=dword:3

That sets the TCP RWIN to 256960 which should handle 100mb/sec. Setting RWIN is a little of an art, not a science. Counter-intuitively, some fast connections work better with smaller RWIN sizes, and some slower with larger ones. You just have to fool with them a bit.

The Tcp1323Opts setting of 3 enables timestamps and RWIN scaling up to 1GB of RWIN. The alternative setting is 1 which enables RWIN scaling but not timestamps. Sometimes that works better depending on your connection.

Here are the settings for smaller RWINs:

128480 - 1F5E0
64240 - faf0

Make sure you export that key before you change the settings, so you can reimport it if necessary.

At another forum, i posted the same post and someone responded that i should change my settings to:

They might be. What they do is set your RWIN to 1gb which may be fine, or may be too large. As I said, setting RWIN is more of an art then a science. Trial and error makes a difference.

I would suggest trying my settings first, since I also am using scaling for RWIN which will increase the size dynamically if that is more efficient. What my setting does is set RWIN to a minimum of 256kb and then scales it up to as much as a gig if necessary. That's why the second setting is important as well, because that's how Windows knows how and when to scale RWIN.

I have no problem with the other suggested settings, they are all defaults anyway.

I changed the tcp/ip settings to what you mentioned above. Thanks

Post back at some point after you have some experience how the changes affected your speed. I'm just curious where the optimization point was for your high speed/volume connection.