Some settings seem obvious. But there may be more than appears at first glance. ICMP Priority There are reasons why one might want to prioritize ICMP traffic. There are reasons why one might not want to prioritize ICMP traffic. Those latter reasons really matter to me. TCP Timeouts. If all we care about is getting connections out of the system as soon as possible, then it seems reasonable to minimize all timeouts. But if we want to solve problems, we need information about what is going on, and we don't want to get rid of the evidence before we've had a chance to examine it. Thus, a Close timeout of 60, rather than 10, gives us an extra 50 seconds of time during which we can collect data on the connections involved with the problem. Connection Table Size Some of us remember the dark ages, when the pundits first discovered problems because of "too many connections". The obvious first response was to increase the connection limit. Now, instead of error messages, the router would crash quietly. Like making one's smoke alarm less sensitive to smoke. Soon, manufacturers would put reassuring advertising claims on their routers, such as "300,000 Sessions -- Stable Download" (Asus). Any others?