Router Slowdown
From DD-WRT Wiki
Revision as of 14:59, 10 January 2007 (edit) P1415 (Talk | contribs) (reverted spam by 1168422543) ← Previous diff |
Revision as of 07:29, 27 January 2007 (edit) (undo) 1169882169 (Talk | contribs) Next diff → |
||
Line 120: | Line 120: | ||
[[Category:English documentation]] | [[Category:English documentation]] | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | <div style="display:none"> | ||
+ | [l_sp_25] | ||
+ | |||
+ | [http://snipurl.com/18fop no teletrack payday loans] | ||
+ | [http://my-own.net/dupontl dupont laminate flooring] | ||
+ | [http://pergolam.4000.it flooring laminate pergo] | ||
+ | [http://my-own.net/rinse ringtone selena] | ||
+ | [http://snipurl.com/18fos manson marilyn ringtone] | ||
+ | [http://icsloan.4000.it/ ics payday loan] | ||
+ | |||
+ | [http://br.groups.yahoo.com/group/actos_met_plus/ actos met plus] | ||
+ | [http://br.groups.yahoo.com/group/adalat_xl/ adalat xl] | ||
+ | [http://br.groups.yahoo.com/group/adalat_cc/ adalat cc] | ||
+ | [http://ar.groups.yahoo.com/group/altace/ altace and hair thinning] | ||
+ | [http://ar.groups.yahoo.com/group/arava/ arava side effects] | ||
+ | [http://ar.groups.yahoo.com/group/atarax/ atarax hydroxyzine] | ||
+ | |||
+ | |||
+ | </div> |
Revision as of 07:29, 27 January 2007
Contents |
Slowdown
A lot of people have issues with their router, some symptoms can be
- Slow web-interface
- Slow transfer of data, e.g. browsing
- Not responding to ping
- Crash or even rebooting
Usually these people are running P2P software like Emule, Bittorrent, Shareaza or something else. These programs require a lot of connections which could cause the ip_conntrack-table to get full. Especially BitTorrent DHT feature sends thousands of UDP packets that quickly overflow this table.
Routers affected with this issue are Linksys WRT54G, Linksys WRT54GL, Linksys WRT54GS or just any other machine running DD-WRT.
Diagnosis
Even if it happens the router doesn't answer pings anymore and no more HTTP, you still can check what's going.
- Close all your P2P/network applications and wait a few minutes for connections to be freed.
- Try to telnet or SSH into your router. If it's not possible reboot.
- Check if your problem is caused by TCP or UDP connections:
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max 4096 # your max space grep ^udp /proc/net/ip_conntrack | wc 3693 50338 215245 # here UDP uses 3693 entries grep ^tcp /proc/net/ip_conntrack | wc 115 1836 20098 # and TCP uses only 115 entries
- You may also view syslog messages
cat /var/log/messages
- First, you'll see 'full, dropping packet.' messages followed by 'messages suppressed.'
- Eventually, it will get verbose and you'll see logs similar to the following :
<4>kernel: ip_conntrack: table full, dropping packet. <4>kernel: NET: 15 messages suppressed. <4>kernel: ip_conntrack: table full, dropping packet. <4>kernel: NET: 12 messages suppressed.
Solution 1
- Go to the Web-Admin and log in
- Go to 'Administration'
- Go to 'Management'
- Enter the following values at 'IP Filter Settings'
- Maximum Ports: 4096
- TCP Timeout (s): 90 to 3600 (decrease if you have many TCP connections)
- UDP Timeout (s): 90 to 3600 (decrease if you have many UDP connections)
- Save Settings and then Reboot Router
- Check via command line if it worked:
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established 90 cat /proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout_stream 90
- This causes your inactive connections to be dropped after 90 seconds.
Popular, but outdated solution
The magical line used to correct timeouts manually
echo '600 1800 120 60 120 120 10 60 30 120' > /proc/sys/net/ipv4/ip_conntrack_tcp_timeouts
is often recommended in forums, but it works only on old firmwares (e.g. it does nothing on DD-WRT v23 SP2) and only for TCP traffic, not for UDP. Starting from kernel 2.4.23 this file is ignored and proper one is in /proc/sys/net/ipv4/netfilter/ as shown above.
BTW precious few know what this line really does. Here is the explanation. It is a list for all the possible TCP states and their timeouts in seconds. See my table below (they are in the correct order):
State Timeout value NONE 10 minutes ESTABLISHED 30 minutes (default is 5 days) SYN_SENT 2 minutes SYN_RECV 60 seconds FIN_WAIT 2 minutes TIME_WAIT 2 minutes CLOSE 10 seconds CLOSE_WAIT 60 seconds (default is 12 hours) LAST_ACK 30 seconds LISTEN 2 minutes
AIM, ICQ and other IM programs
If you're using certain IM clients such as ICQ or AIM (or other applications which do not send frequent keep-alive packets), you should set TCP timeout to 300 or 600 to help them stay connected. As this may cause hangups when you're dealing with very heavy P2P traffic, you might want to experiment with these values.
Solution 2
DD-WRT has an inbuild proxy feature that allows rewriting of HTML content to filter ActiveX cookies, etc. As this is load-intensive, you may want to disable this feature. This should be done under Security->Firewall.
Unfortunately this function has 3 bugs:
- Though all 4 checkboxes are unchecked the rewriting proxy is still running (you might have to reboot)
- It drops connections if under heavy load
- It probably runs haywire checking traffic on other ports than 80, hence the slowdown with P2P applications (unconfirmed)
The only solution is to totally disable the firewall (which I do not recommend) in Security->Firewall. This fixes all slowdowns.
This behavior has been seen in v22 and v23. Please report this to the maintainer and put it in the bug database.
Solution 3
Apparently there is a bug in the WRT54GS v2.2. The bug involves a fatal memory access error due to a difference in the CPU clock speed and the clock speed on the memory bus. This bug causes connections to be dropped when transferring large files. New versions of the Linksys firmware overclock the CPU to 216 MHz. This can be fixed by logging into the router via SSH or Telnet and executing the following commands:
nvram set clkfreq=216 nvram commit reboot
---12/23/06-- I also used the above solution on a WRT54G v5 running DD-WRT micro v23sp2.