PDA

Bekijk de volledige versie : max connections -- ip_conntrack



dizz
21-05-2004, 13:20
hi there

i thought
"ip_conntrack version 2.1 (128 buckets, 1024 max)"
meant 1024 cennections at max...

but if i use max 900 connections for filesharing, i get
"table full, dropping packet." -messages
anyway!

i hope someone can help me...
can a modify the asus to do more connections - 5000 for example :)
thanx

yanism
21-05-2004, 22:01
i had the same problem.
I 've increased the "ip_conntrack_max" and it will work perfectly now.
http://lists.debian.org/debian-firewall/2003/03/msg00011.html

Oleg
22-05-2004, 11:13
Yes, the thing is really simple. :) Good finding.
You can set this permanently using commands like this:


nvram set bootCmdXXX="echo 4096 > /proc/sys/net/ipv4/ip_conntrack_max"
nvram commit

dizz
22-05-2004, 17:29
thanx 4 help

but after commiting the changes (and rebooting) , if see no difference !
the syslog shows:
ip_conntrack version 2.1 (128 buckets, 1024 max) - 344 bytes per conntrack
as before!

but i think its my mistake. :confused:
(i never used the nvram-command-thing before)
can you check if im doing it right:

im using CR3 (flashed into asus - not from USB-device)

i opend a telnet session to the router and entered at root directory:
nvram set bootCmd1="echo 4096 > /proc/sys/net/ipv4/ip_conntrack_max"
nvram commit
reboot

the rooter reboots but after that averything is the same as before.
do i have to save the new setting in some way???
is this possible without a usb-device?

thank you very much

Oleg
22-05-2004, 19:52
thanx 4 help

but after commiting the changes (and rebooting) , if see no difference !
the syslog shows:
ip_conntrack version 2.1 (128 buckets, 1024 max) - 344 bytes per conntrack
as before!

It's ok, it show the compiled in defaults and nvram thing changes this later.

If you want to check the current value enter

cat /proc/sys/net/ipv4/ip_conntrack_max
after the firmware has fully ininitialized (60-90 seconds after reboot).

bumper
28-08-2004, 11:37
I used to have this issue too (amongst others) and just upgraded to version 1.8.1.7 hoping my wan port will finally stay up, but is modifying this setting still required in this version? and, if so, how do I modify it as I cannot telnet with this version?

Thanks,
Patrick

bumper
29-08-2004, 10:03
never mind, this thing keeps dying on me, either the wan port freezes, or the lan port... it will never stay alive for more then 12 hours. One way ticket for trashcan and no more asus

Antiloop
29-08-2004, 14:22
never mind, this thing keeps dying on me, either the wan port freezes, or the lan port... it will never stay alive for more then 12 hours. One way ticket for trashcan and no more asus

set your port to a fixed speed first!!! that's the number one to prevent from dying
do this in the webinterface (yes it works this time)

if you are using a usbflashdisk/hd you can use a file which start the ipconntrack thingy