I noticed that I’ve been getting erratic behaviour with my router whenever I had bittorrent running. After a while it would always slow down to a crawl – where I had to reboot the router to get things back to normal. While rebooting the router manually (or via GUI, after much waiting) solves this. The problem always returned, which suggests that there’s something wrong with how the router handles P2P connections. I decided to look around for cases of the same problem.

The default firmware for Linksys and most routers track old connections for five days, then start to clear dead connections – which causes the router to hang when using P2P apps, or any software that generates a lot of connections which the router can’t take. DHT only aggravates the situation because of the number of connections it generates.

Linksys has yet to address this issue, but there is a fix. If you use alternative WRT54G firmware, you can put in a start-up script to fix this problem.

I just applied the fix they mention down this post, only time will tell if it actually worked.It is worth mentioning, as the quote above stated, that you need 3rd party firmware for your router. Basically what you need is a Linux box which allows you to input custom commands/scripts. Since the advent of the WRT54G hacking craze, all 3rd party firmware basically install Linux into your router, instead of the default Linksys firmware.

I personally use DD-WRT on my WRT54G. No particular reason why I chose it – I just don’t have the patience to re-flash and test all available 3rd party firmware to find what’s best for me. Not to mention the constant risk of turning my router into a brick on every attempt – which I have already done before.

1. Look for the part in your router GUI which lets you enter custom start-up commandline options/scripts
2. Cut any one script below and paste it into the command field (not sure which one works best but all of them are said to work)
3. Save and reboot your router.

Here are the choices of code:

echo 1 > /proc/sys/net/ipv4/icmpechoignorebroadcasts
echo 1 > /proc/sys/net/ipv4/icmpignoreboguserrorresponses
echo ’600 1800 120 60 120 120 10 60 30 120′ > /proc/sys/net/ipv4/ipconntracktcptimeouts

or

echo 4096 > /proc/sys/net/ipv4/ipconntrackmax
echo 1 > /proc/sys/net/ipv4/icmpechoignorebroadcasts
echo 1 > /proc/sys/net/ipv4/icmpignoreboguserrorresponses
echo 512 > /proc/sys/net/ipv4/neigh/default/gcthresh1
echo 2048 > /proc/sys/net/ipv4/neigh/default/gcthresh2
echo 4096 > /proc/sys/net/ipv4/neigh/default/gcthresh3
echo “600 1800 120 60 120 120 10 60 30 120″ > /proc/sys/net/ipv4/ipconntracktcp_timeouts

or

echo 2048 > /proc/sys/net/ipv4/ipconntrackmax
echo 2048 > /proc/sys/net/ipv4/tcpmaxorphans
echo 512 > /proc/sys/kernel/threads-max
echo 0 > /proc/sys/net/ipv4/tcporphanretries
echo 1 > /proc/sys/net/ipv4/tcpabortonoverflow
echo “60 180″ > /proc/sys/net/ipv4/ipconntrackudptimeouts
echo 1 > /proc/sys/net/ipv4/icmpechoignorebroadcasts
echo 1 > /proc/sys/net/ipv4/icmpignoreboguserrorresponses
echo “300 1800 120 60 120 120 10 60 30 120″ > /proc/sys/net/ipv4/ipconntracktcptimeouts

or

echo 2048 > /proc/sys/net/ipv4/ipconntrackmax
echo 2048 > /proc/sys/net/ipv4/tcpmaxorphans
echo 512 > /proc/sys/kernel/threads-max
echo 4096 > /proc/sys/fs/file-max
echo 0 > /proc/sys/net/ipv4/tcporphanretries
echo 1 > /proc/sys/net/ipv4/tcpabortonoverflow
echo “60 180″ > /proc/sys/net/ipv4/ipconntrackudptimeouts
echo “300 2400 120 60 120 120 10 60 30 120″ > /proc/sys/net/ipv4/ipconntracktcptimeouts
echo “50 500 0 0 200 1000 60 20 0″ > /proc/sys/vm/bdflush
echo “0 0″ > /proc/sys/vm/pagetablecache

UPDATE

A little bird told me that doing a paste on the web GUI startup textfield may truncate some characters, while this may or may not be an issue, it’s better to play it safe and enter these manually via SSH

This is [roughly] how your SSH session should go:

~ # nvram set rc_startup=”

echo 1 > /proc/sys/net/ipv4/icmpechoignorebroadcasts
echo 1 > /proc/sys/net/ipv4/icmpignoreboguserrorresponses
echo ’600 1800 120 60 120 120 10 60 30 120′ > /proc/sys/net/ipv4/ipconntracktcptimeouts
“
~ # nvram commit
~ # reboot

Also, it’s worth mentioning that you should set your “maximum ports” in the administration page to 4096 (default is 512 I believe)

post updated on February 10, 2009 @ 6:36 am