Large Send Offload causes performance and slowdown issues
The Bitdefender Firewall was designed to offer the best protection for your network / Internet connections, without you having to configure it. No matter if you are connected directly to the Internet, to a single network or to several networks (Ethernet, wireless, VPN or other network type), either trusted or untrusted, the firewall will self-configure in order to adapt to the corresponding situation.
By default, Bitdefender automatically detects the network configurations on your computer and it creates an appropriate basic firewall profile. It also adds detected networks to the profile as trusted or untrusted network zones, depending on their
In some cases, you might experience the following issues:
- Logon failure: unknown user name or bad password;
- When running a "gpresult" , you may receive the following message: "INFO: the user does not have RSOP data";
- When logon the system remotely using RDC, you may receive this message: "Because of an error in data encryption, this session will end";
- Other computers are accessing to computer very slow;
- The download from a network share resource is very slow;
Because this issues might reside at Network Driver Interface Specification level (NDIS), we strongly recommend you to disable the option called "IPv4 large send offload" from your network card;
In order to change this behavior, you will need to :
- Click on Start and select run;
- Write "ncpa.cpl" without "";
- Once the Network Connections window is opened, right click on your Local Area Network connection, and choose Properties;
- Press on "Configure" and navigate to the "Advance" tab, once the network card properties is opened;
- Disable the option called "IPv4 large send offload";
- Press OK and exit;
According to Microsoft Technet, "The Network Driver Interface Specification (NDIS) is a specification for network driver architecture that allows transport protocols such as TCP/IP, Native ATM, IPX, and NetBEUI to communicate with an underlying network adapter or other hardware device. The network adapter can then send or receive data over the network. NDIS permits the high-level protocol components to be independent of the network adapter by providing a standard interface to the network protocols. Because Windows 2000 network architecture supports NDIS, it requires that network adapter drivers be written to the NDIS specification" (Source : Microsoft Technet Article);
According to Microsoft Technet, "during initialization or when an interface appears as a Plug and Play event, the TCP/IP driver will query the miniport through the NdisRequest() mechanism with an object ID (OID) of OID_TCP_TASK_OFFLOAD in order to find out which offload capabilities the network adapter supports.
For each task the network adapter can offload, it will return an NDIS_TASK_OFFLOAD structure that contains an indication of the task supported and parameters specific to that task. The protocol then enables the appropriate tasks by submitting a set request containing the NDIS_TASK_OFFLOAD structures for those tasks. At this point, these tasks are enabled for offload. The network adapter will receive information specific to the task on a per-packet basis, along with each packet"; (Source: Microsoft Technet Article).