Can I boost the RWIN used by SSH?

Discussion in 'Tomato Firmware' started by Sunspark, Jun 29, 2008.

  1. Sunspark

    Sunspark LI Guru Member

    Hi, ok I've started to push the capabilities of Tomato, and I have activated the SSH daemon for the purpose of tunnels, and activated the dyndns feature also so I don't have to write down an IP every time I leave the house.

    As part of my testing process, I went to see what various analyzers said my connection was. When I am on SSH tunnel, I get this:

    Default TCP Receive Window (RWIN) = 5808
    RWIN Scaling (RFC1323) = 0 bits
    Unscaled TCP Receive Window = 5808

    When I am not on a tunnel, I get 500000+ rwin.

    That's a huge difference.. any way to make it higher on SSH?
  2. mstombs

    mstombs Network Guru Member

    Tomato uses the latest dropbear with nearly all options enabled. You can start a new copy on a different port I guess with non-default options:-

    Tomato v1.19.1463
    # dropbear -?
    Unknown argument -?
    Dropbear sshd v0.51
    Usage: dropbear [options]
    Options are:
    -W <receive_window_buffer> (default 12288, larger may be faster, max 1MB)
    "ie dropbear -p 2222 -W 65536"

    but the default -W doesn't seem to be what you see to start with?
  3. Sunspark

    Sunspark LI Guru Member

    Nope not at all.. and in fact I just telnetted into the router to take a look, and a ps shows:

    110 root 404 S dropbear -p 22 -s

    I went hunting to see if I could find where Tomato configures stuff.. the admin-access.asp page sets nvram variables for ssh and rwin is not one of them..

    What should/could one do to fix this? Do you know? Seems like an oversight..
    dropbear -h says the max size for -W is 1 meg, that's a lot better than 5 k.
  4. nvtweak

    nvtweak LI Guru Member

    dropbear -p 22 -s -W 12288

  5. Sunspark

    Sunspark LI Guru Member

    No. I don't want to telnet in and spin off a second instance of dropbear.
    I was hoping there would be a config file somewhere, but I could not find one anywhere.
  6. fyellin

    fyellin LI Guru Member

    For these sorts of questions, your best bet is usually to grep through the sources.

    In this case, if you look in router/rc/telssh.c, it's pretty clear that there is no configuration file.
  7. PeterT

    PeterT Network Guru Member

    Would one option be to add a script into either INIT, FIREWALL or WANUP that would kill the current dropbear and run a new one with your desired paramters ?


    OOPS.. Forget that; looks like a new instance of dropbear gets spawned on each ssh login
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice