Problems ip_conntrack/wireless

Discussion in 'Tomato Firmware' started by flexd, Dec 9, 2010.

  1. flexd

    flexd Networkin' Nut Member

    Hi.

    I've recently started experiencing some issues with my WRT54GL. I'm not sure what it is, but what I first thought was DNS issues turned out to be this:

    http://pastie.org/1360590

    Basically it's just dropping my connections and I do not know why. This happens on 1.27.x and also the latest version available. I haven't had this problem before so I'm thinking perhaps something hardware is causing this?

    The WiFi has worked fine until just now when my laptop got disconnected and I am unable to find the network again. I've tried restarting the router and enabling/disabling wireless but it's still not popping up. Also rebooted the laptop (MacBook) to no avail. This machine seems to still be connected to the wireless network without issues :-/

    It would of course be best if I didn't have to buy a new router >_<
    Please help :)
     
  2. flexd

    flexd Networkin' Nut Member

    Still experiencing the issue. I have restored the config to default and am still having it.

    Apparently I have over 3800 TCP connections in the time_wait category?

    These connections go up by about 100 connections per sec, what the hell?
     
  3. dmb41crash

    dmb41crash Networkin' Nut Member

    Yeah I had a similar issue recently, I was pushing almost 5000 connections during some FTP'ing. I changed my Conntrack/Netfilter settings to the following and haven't had any issues since:

    Maximum Connections: 4096
    Hash Table Size: 512

    TCP Timeout (seconds)
    Established: 1200
    SYN Sent: 60
    SYN Received: 30
    FIN Wait: 30
    Time Wait: 30
    Close: 10
    Close Wait: 30
    Last ACK: 30

    UDP Timeout (seconds)
    Unreplied: 30
    Assured: 180

    Other Timeouts (seconds)
    Generic: 30
    ICMP: 180

    Tracking / NAT Helpers
    FTP: Checked
    GRE / PPTP: Checked
    H.323: Checked
    SIP: Checked
    RTSP: Unchecked

    Miscellaneous
    TTL Adjust: None
    Inbound Layer 7: Checked
     
  4. Toastman

    Toastman Super Moderator Staff Member Member

    flexd

    If your connection count increases at an extremely rapid rate, you would consider this a "connection storm". This can bring down your router and cause it to reboot. Search for "connection storm" on the forum and you'll find a lot of information.

    You may be under a deliberate DoS attack, or simply have a rogue machine on your network which is under control of a virus and is attempting to do something with your machine that you wouldn't like. (Often using it to send spam emails, for example).

    This is very common these days - I get a couple every week in my buildings. If it's one of your own machines then once aware, you can fix it. If, like me, you have no control over your customers, then there's really very little you can do except try to prevent that user from gaining access to your network.

    You can reduce the timeout values even more drastically than dmb41crash suggests, if you still have problems. If you have dozens of users this is often necessary.
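
Added example, not part of any post in this thread: shell functions that tally conntrack entries per TCP state and per LAN source address, to show which host is filling the table during a connection storm like the one discussed above. The `/proc/net/ip_conntrack` path, the function names and the sample lines are assumptions (the sample is constructed, not taken from the pastie link).

```shell
#!/bin/sh
# Added example: tally conntrack entries to find the host behind a connection storm.
# Assumption: on the router the table is read from /proc/net/ip_conntrack.

# Constructed sample in ip_conntrack text format (not data from the thread).
sample_conntrack() {
cat <<'EOF'
tcp      6 25 TIME_WAIT src=192.168.1.50 dst=198.51.100.7 sport=40001 dport=25 src=198.51.100.7 dst=192.0.2.10 sport=25 dport=40001 [ASSURED] use=1 mark=0
tcp      6 24 TIME_WAIT src=192.168.1.50 dst=198.51.100.8 sport=40002 dport=25 src=198.51.100.8 dst=192.0.2.10 sport=25 dport=40002 [ASSURED] use=1 mark=0
tcp      6 24 TIME_WAIT src=192.168.1.50 dst=198.51.100.9 sport=40003 dport=25 src=198.51.100.9 dst=192.0.2.10 sport=25 dport=40003 [ASSURED] use=1 mark=0
tcp      6 23 TIME_WAIT src=192.168.1.50 dst=198.51.100.10 sport=40004 dport=25 src=198.51.100.10 dst=192.0.2.10 sport=25 dport=40004 [ASSURED] use=1 mark=0
tcp      6 58 SYN_SENT src=192.168.1.50 dst=198.51.100.11 sport=40005 dport=25 [UNREPLIED] src=198.51.100.11 dst=192.0.2.10 sport=25 dport=40005 use=1 mark=0
tcp      6 1180 ESTABLISHED src=192.168.1.20 dst=198.51.100.20 sport=51000 dport=443 src=198.51.100.20 dst=192.0.2.10 sport=443 dport=51000 [ASSURED] use=1 mark=0
udp      17 170 src=192.168.1.20 dst=192.168.1.1 sport=5353 dport=53 src=192.168.1.1 dst=192.168.1.20 sport=53 dport=5353 [ASSURED] use=1 mark=0
EOF
}

# TCP entries per state (field 4 on tcp lines), busiest first.
count_by_state() {
    awk '$1 == "tcp" { n[$4]++ } END { for (s in n) print n[s], s }' | sort -rn
}

# Entries per originating address: the first src= token is the LAN side of the flow.
count_by_source() {
    awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^src=/) { n[substr($i, 5)]++; break } }
         END { for (a in n) print n[a], a }' | sort -rn
}

# Sources holding more than $1 entries.
over_limit() {
    count_by_source | awk -v max="$1" '$1 + 0 > max + 0 { print $2 }'
}

# Destination ports used by source $1 (a pile of dport=25 suggests a spam bot).
ports_for_source() {
    awk -v want="src=$1" '{
        s = ""; p = ""
        for (i = 1; i <= NF; i++) {
            if (s == "" && $i ~ /^src=/) s = $i
            if (p == "" && $i ~ /^dport=/) p = substr($i, 7)
        }
        if (s == want && p != "") n[p]++
    } END { for (p in n) print n[p], p }' | sort -rn
}

# Demo on the sample; on the router: count_by_source < /proc/net/ip_conntrack
sample_conntrack | count_by_state
sample_conntrack | count_by_source
sample_conntrack | ports_for_source "$(sample_conntrack | over_limit 3)"
```

A source that holds most of the table, with nearly all of its entries going to a single destination port, is the machine to take off the network and scan.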
     
