CIS 6 disables NIC TCP offload settings?


I installed CIS 6 on Windows 8 64bits to find out that it slowed down my connection speed. When I checked the settings of my NIC, I noticed that CIS 6 disabled all the TCP offload settings of the card, and when I try to enable the TCP offload settings they get reverted back to disabled. My card is a “Qualcomm Atheros AR8161 PCI-E Gigabit Ethernet Controller”. I only use the firewall and all the behavior/Defense+/sandbox features of CIS 6 are set to disabled.

Is there any way to (re)enable those TCP offload settings with CIS6 installed?

Also, not sure if it’s normal but the installer doesn’t disable the Windows Firewall and the “active public networks” on the “Windows Firewall” page lists 3 or 4 different networks. it only lists 1 when CIS 6 isn’t installed.

Typically, it’s necessary to enable TCP Chimney Offload on the NIC and also in the OS. You already know how to enable the option on the NIC but for the system do the following:

  1. Open and administratiive command prompt
  2. type:

netsh int tcp set global chimney=enabled

  1. Check the status with:

netsh int tcp show global

Also look at:

netstat –t

Particularly the last column.

Also, not sure if it's normal but the installer doesn't disable the Windows Firewall...

It’s not ‘normal’ but it has happened in the past, on some systems. Unfortunately, I don’t remember there being a reason found. If Windows firewall is left enabled, manually disable it.

...and the "active public networks" on the "Windows Firewall" page lists 3 or 4 different networks. it only lists 1 when CIS 6 isn't installed.

How many ‘Active Networks’ do you see under Network and Sharing Centre. Maybe a screenshot or two of what you’re seeing…

Chimney is disabled by default on Windows 8 and enabling it doesn’t seem to change anything. The offload column shows InHost, meaning not offloaded, even after I set it to enabled in the advanced options of the NIC and in netsh. I don’t have any spare NIC to try here to check if it’s a problem with drivers of the NIC or more general with Windows 8. “Receive Segment Coalescing State” is enabled on the other hand.

For the multiple networks, there wasn’t any new ghost cards in the Sharing center. Maybe the Windows Firewall is confusing CIS 6 network zones with real networks. I had 3 different IP in two different zones. two in one zone (IPV4 and IPV6) and one that was for the localhost zone.

I’ll try to poke around later if I can find another NIC, too braindead to write or mess with my system atm.

Thanks for the answer

I can also report the same problem with CIS6, all NIC offloading settings (large send, IPv4, TCP and UDP header checksum) switch to a disabled state. Even if I change them back, they revert to disabled immediately. Uninstalling CIS6 fixes the issue.

On a side note, TCP chimney offload (should always be set to automatic) is a whole different matter than packet header checksum offload and large send offload.

I’m on Windows 8 x64, using an Intel Gigabit ET Dual Port Server adapter.