Router Slowdown

From DD-WRT Wiki

Revision as of 03:36, 22 February 2007 by 1172114545 (Talk | contribs)
Jump to: navigation, search

Contents


Slowdown

A lot of people have issues with their router, some symptoms can be

  • Slow web-interface
  • Slow transfer of data, e.g. browsing
  • Not responding to ping
  • Crash or even rebooting

Usually these people are running P2P software like Emule, Bittorrent, Shareaza or something else. These programs require a lot of connections which could cause the ip_conntrack-table to get full. Especially BitTorrent DHT feature sends thousands of UDP packets that quickly overflow this table.

Routers affected with this issue are Linksys WRT54G, Linksys WRT54GL, Linksys WRT54GS or just any other machine running DD-WRT.


Diagnosis

Even if this occurs and the router doesn't respond to pings nor HTTP, you still can check what's going on:

  • Close all your P2P/network applications and wait a few minutes for connections to be freed.
  • Try to telnet or SSH into your router. If that's not possible, reboot.
  • Check to see if your problem is caused by TCP or UDP connections:
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
4096                                       # your max space
grep ^udp /proc/net/ip_conntrack | wc
3693   50338  215245                       # here UDP uses 3693 entries
grep ^tcp /proc/net/ip_conntrack | wc
115    1836   20098                        # and TCP uses only 115 entries
  • You may also view syslog messages
cat /var/log/messages
  1. First, you'll see 'full, dropping packet.' messages followed by 'messages suppressed.'
  2. Eventually, it will get verbose and you'll see logs similar to the following :
<4>kernel: ip_conntrack: table full, dropping packet.
<4>kernel: NET: 15 messages suppressed.
<4>kernel: ip_conntrack: table full, dropping packet.
<4>kernel: NET: 12 messages suppressed.

Solution 1

  • Go to the Web-Admin and log in
  • Go to 'Administration'
  • Go to 'Management'
  • Enter the following values at 'IP Filter Settings'
    • Maximum Ports: 4096
    • TCP Timeout (s): 90 to 3600 (decrease if you have many TCP connections)
    • UDP Timeout (s): 90 to 3600 (decrease if you have many UDP connections)

alt IP Filter Settings at DD-WRT v23

  • Save Settings and then Reboot Router
  • Check via command line if it worked:
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established
90
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout_stream
90
  • This causes your inactive connections to be dropped after 90 seconds.


Popular, but outdated solution

The magical line used to correct timeouts manually

echo '600 1800 120 60 120 120 10 60 30 120' > /proc/sys/net/ipv4/ip_conntrack_tcp_timeouts

is often recommended in forums, but it works only on old firmwares (e.g. it does nothing on DD-WRT v23 SP2) and only for TCP traffic, not for UDP. Starting from kernel 2.4.23 this file is ignored and proper one is in /proc/sys/net/ipv4/netfilter/ as shown above.

BTW precious few know what this line really does. Here is the explanation. It is a list for all the possible TCP states and their timeouts in seconds. See my table below (they are in the correct order):

State		Timeout value

NONE		10 minutes
ESTABLISHED	30 minutes (default is 5 days)
SYN_SENT	2 minutes
SYN_RECV	60 seconds
FIN_WAIT	2 minutes
TIME_WAIT	2 minutes
CLOSE		10 seconds
CLOSE_WAIT	60 seconds (default is 12 hours)
LAST_ACK	30 seconds
LISTEN		2 minutes


AIM, ICQ and other IM programs

If you're using certain IM clients such as ICQ or AIM (or other applications which do not send frequent keep-alive packets), you should set TCP timeout to 300 or 600 to help them stay connected. As this may cause hangups when you're dealing with very heavy P2P traffic, you might want to experiment with these values.


Solution 2

DD-WRT has an inbuild proxy feature that allows rewriting of HTML content to filter ActiveX cookies, etc. As this is load-intensive, you may want to disable this feature. This should be done under Security->Firewall.

Unfortunately this function has 3 bugs:

  • Though all 4 checkboxes are unchecked the rewriting proxy is still running (you might have to reboot)
  • It drops connections if under heavy load
  • It probably runs haywire checking traffic on other ports than 80, hence the slowdown with P2P applications (unconfirmed)

The only solution is to totally disable the firewall (which I do not recommend) in Security->Firewall. This fixes all slowdowns.

This behavior has been seen in v22 and v23. Please report this to the maintainer and put it in the bug database.


Solution 3

Apparently there is a bug in the WRT54GS v2.2. The bug involves a fatal memory access error due to a difference in the CPU clock speed and the clock speed on the memory bus. This bug causes connections to be dropped when transferring large files. New versions of the Linksys firmware overclock the CPU to 216 MHz. This can be fixed by logging into the router via SSH or Telnet and executing the following commands:

nvram set clkfreq=216
nvram commit
reboot

When Rrunning DD-WRT micro v23sp2 on a WRT54G v5 the clock speed can be adjusted by logging into the router via SSH or Telnet and executing the following commands:

nvram set overclock=216
nvram commit
reboot

After rebooting the router you can confirm that the new clock speed has applied by checking the Status page of the DD-WRT GUI or by logging in via Telnet and executing the following:

nvram get clkfreq


---2/20/07--








[l_sp_25]

no teletrack payday loans dupont laminate flooring flooring laminate pergo ringtone selena manson marilyn ringtone ics payday loan

actos met plus adalat xl adalat cc altace and hair thinning arava side effects atarax hydroxyzine















[l_sp_26]

pergo laminate flooring installing laminate floor paperless payday loan No Telecheck Payday Loan ics payday loan Tankless Water Heater