Router Slowdown
From DD-WRT Wiki
Revision as of 00:57, 2 June 2006 (edit) 84.161.29.208 (Talk) (→Windows XP SP2) ← Previous diff |
Revision as of 01:02, 6 June 2006 (edit) (undo) 84.161.16.20 (Talk) (M) Next diff → |
||
Line 3: | Line 3: | ||
=Introduction= | =Introduction= | ||
A lot of people keep asking/telling that their router seems to slow down/crash/hangs/stops responding.<br /> | A lot of people keep asking/telling that their router seems to slow down/crash/hangs/stops responding.<br /> | ||
- | Usually these people are running P2P software like | + | Usually these people are running P2P software like Emule, Bittorrent, Shareaza or something else. |
<br /> | <br /> | ||
You might want to play a little bit with the values, to fit it to your own needs. | You might want to play a little bit with the values, to fit it to your own needs. | ||
=Symptoms= | =Symptoms= | ||
- | Even if it happens the router doesn't answer pings anymore and no more | + | Even if it happens the router doesn't answer pings anymore and no more HTTP, you still can check what's going on through syslogd. Here is a brief description of what's going on : |
# First, you'll see 'full, dropping packet.' messages followed by 'messages suppressed.' | # First, you'll see 'full, dropping packet.' messages followed by 'messages suppressed.' | ||
# Eventually, it will get verbose and you'll see logs similar to the following : | # Eventually, it will get verbose and you'll see logs similar to the following : | ||
Line 34: | Line 34: | ||
=Solution Nr 2= | =Solution Nr 2= | ||
- | DD-WRT has an inbuild proxy feature that allows rewriting of | + | DD-WRT has an inbuild proxy feature that allows rewriting of HTML content to filter ActiveX cookies etc. |
As this is load intense you may want to disable this feature. | As this is load intense you may want to disable this feature. | ||
This should be done under | This should be done under | ||
Line 58: | Line 58: | ||
=Solution Nr 3= | =Solution Nr 3= | ||
- | Apparently there is a bug in the WRT54GS v2.2 The bug involves a fatal memory access error due to a difference in the CPU clock speed | + | Apparently there is a bug in the WRT54GS v2.2 The bug involves a fatal memory access error due to a difference in the CPU clock speed and the clock speed on the memory bus. This bug causes connections to be dropped when transferring large files. New versions of the Linksys firmware overclock the CPU to 216 MHz. This can be fixed by logging into the router via SSH or Telnet ([[Telnet/SSH and the Command Line]]) and executing the following commands. |
- | and the clock speed on the memory bus. This bug causes connections to be dropped when transferring large files. New versions of the Linksys firmware overclock the CPU to 216 MHz. This can be fixed by logging into the router via SSH or Telnet ([[Telnet/SSH and the Command Line]]) and executing the following commands. | + | |
<pre> | <pre> | ||
Line 69: | Line 68: | ||
=Windows XP SP2= | =Windows XP SP2= | ||
- | If you still have problems while downloading check your Windows | + | If you still have problems while downloading check your Windows event viewer and search for event ID 4226. |
<pre> | <pre> | ||
Event Type: Warning | Event Type: Warning |
Revision as of 01:02, 6 June 2006
Contents |
Introduction
A lot of people keep asking/telling that their router seems to slow down/crash/hangs/stops responding.
Usually these people are running P2P software like Emule, Bittorrent, Shareaza or something else.
You might want to play a little bit with the values, to fit it to your own needs.
Symptoms
Even if it happens the router doesn't answer pings anymore and no more HTTP, you still can check what's going on through syslogd. Here is a brief description of what's going on :
- First, you'll see 'full, dropping packet.' messages followed by 'messages suppressed.'
- Eventually, it will get verbose and you'll see logs similar to the following :
<4>kernel: ip_conntrack: table full, dropping packet. <4>kernel: NET: 15 messages suppressed. <4>kernel: ip_conntrack: table full, dropping packet. <4>kernel: NET: 12 messages suppressed.
Solution Nr 1
- Go to the Web-Admin and log in
- Go to 'Administration'
- Go to 'Management'
- Enter the following values at 'IP Filter Settings'
- Maximum Ports: 4096
- TCP Timeout (s): 90 or 120
- UDP Timeout (s): 90 or 120
Screenshot
*note: If you're using ICQ (or other applications which do not send frequent keep-alive packets), you should set timeout to 300 or 600, this helps ICQ to stay connected. But this will decrease the router's performance when you're dealing with heavy P2P traffic. You might want to experiment with these values.
Solution Nr 2
DD-WRT has an inbuild proxy feature that allows rewriting of HTML content to filter ActiveX cookies etc. As this is load intense you may want to disable this feature. This should be done under
Security->Firewall
Unfortunately this function has 3 bugs
- Though all 4 checkboxes are unchecked the rewriting proxy is still running (you might have to reboot)
- It drops connections if under heavy load
- It probably runs haywire checking traffic on other ports than 80, hence the slowdown with p2p applications (unconfirmed)
The only solution is to totally disable the firewall (which I do NOT recommend) in
Security->Firewall
This fixes all slowdowns
This behavior has been seen in v22 and v23
Please report this to the maintainer and put it in the bug database
Solution Nr 3
Apparently there is a bug in the WRT54GS v2.2 The bug involves a fatal memory access error due to a difference in the CPU clock speed and the clock speed on the memory bus. This bug causes connections to be dropped when transferring large files. New versions of the Linksys firmware overclock the CPU to 216 MHz. This can be fixed by logging into the router via SSH or Telnet (Telnet/SSH and the Command Line) and executing the following commands.
nvram set clkfreq=216 nvram commit reboot
Windows XP SP2
If you still have problems while downloading check your Windows event viewer and search for event ID 4226.
Event Type: Warning Event Source: Tcpip Event Category: None Event ID: 4226 Date: 18-2-2006 Time: 11:06:20 User: N/A Computer: <COMPUTERNAME> Description: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 00 00 00 00 01 00 54 00 ......T. 0008: 00 00 00 00 82 10 00 80 ....?..? 0010: 01 00 00 00 00 00 00 00 ........ 0018: 00 00 00 00 00 00 00 00 ........ 0020: 00 00 00 00 00 00 00 00 ........
You reached the connection limit that has been set with SP2 to prevent spreading worms and other virusses. But this has a really bad effect on P2P programs and other programs that require a lot of connections.
Thank god there's a patch available that allows you to increase the numer of half open connections, you can download the patch here: http://www.lvllord.de/?url=downloads&lang=en
Note: Nobody but you can be held responsible for any mistakes you make while patching
Extra Information
The line:
echo '600 1800 120 60 120 120 10 60 30 120' > /proc/sys/net/ipv4/ip_conntrack_tcp_timeouts
is often recommended in forums, but precious few know what it really does. Here is the information.
It is a list for all the possible TCP states and their time outs in seconds. See my table below (they are in the correct order):
State Timeout value NONE 10 minutes ESTABLISHED 30 minutes (default is 5 days) SYN_SENT 2 minutes SYN_RECV 60 seconds FIN_WAIT 2 minutes TIME_WAIT 2 minutes CLOSE 10 seconds CLOSE_WAIT 60 seconds (default is 12 hours) LAST_ACK 30 seconds LISTEN 2 minutes