RouterTech Firmware 2.91.1 Discussion
Re: RouterTech Firmware 2.91.1 Discussion
If you have chance (like ability to solder etc.) you could consider to install 64MB RAM to your router. >:)
Router RAM Upgrade
Router RAM Upgrade
Re: RouterTech Firmware 2.91.1 Discussion
@gibran
Lots of questions:- some answers
The second instance of thttpd when viewing diagnostics is due to the viewing mechanism
telnetd runs in 'inetd' mode, the binary is only run on demand - the inetd daemon is cm_pc I believe.
There is a memory allocation per contrack entry - I've seen a message somewhere, I think 8192 is far too high for your ram challenged router
What kind of bridged mode ar you considering? PPPOE full bridge mode should not need conntrack. I tend to run my larger ram modem in RouterTech pppoa half-bridge mode, with as much turned off as possible - it currently reports this process/memory usage:-
I am never too sure how much of the cache and buffers memory is actually available - but there is masses of free ram the Linux OS can't find a use for!
I connected by ssh, which also runs in inted mode, on demand.
I guess the biggest service you could disable would be the web interface, there is also a small "upgrader" binary installed on the ram disk /var which can be deleted if you do not intend to web upgrade. I also use crond to log stats, the above info is after 44 hours continuous operation without disconnect.
Lots of questions:- some answers
The second instance of thttpd when viewing diagnostics is due to the viewing mechanism
telnetd runs in 'inetd' mode, the binary is only run on demand - the inetd daemon is cm_pc I believe.
There is a memory allocation per contrack entry - I've seen a message somewhere, I think 8192 is far too high for your ram challenged router
What kind of bridged mode ar you considering? PPPOE full bridge mode should not need conntrack. I tend to run my larger ram modem in RouterTech pppoa half-bridge mode, with as much turned off as possible - it currently reports this process/memory usage:-
Code: Select all
Mem: 10844K used, 3240K free, 0K shrd, 1308K buff, 4364K cached
CPU: 0.5% usr 0.5% sys 0.0% nic 98.8% idle 0.0% io 0.0% irq 0.0% sirq
Load average: 0.00 0.00 0.00 2/18 663
PID PPID USER STAT VSZ %MEM %CPU COMMAND
660 92 root S 1408 9.9 0.5 /usr/sbin/dropbear
663 661 root R 1048 7.4 0.4 top
94 92 root S 3640 25.7 0.0 /usr/bin/cm_logic -m /dev/ticfg -c /et
248 92 root S 2392 16.9 0.0 /usr/sbin/pppd plugin pppoa 0.38 user
92 1 root S 2092 14.8 0.0 /usr/bin/cm_pc
91 1 root S 1204 8.5 0.0 /usr/sbin/thttpd -d /usr/www -u root -
661 660 root S 1056 7.4 0.0 -sh
351 1 root S 1048 7.4 0.0 crond -b
1 0 root S 1040 7.3 0.0 init
190 1 root S 1040 7.3 0.0 init
455 1 root S 684 4.8 0.0 /usr/sbin/udhcpd /var/tmp/pppHBdhcpd.c
3 0 root SWN 0 0.0 0.0 [ksoftirqd_CPU0]
8 1 root SW 0 0.0 0.0 [mtdblockd]
7 1 root SW 0 0.0 0.0 [cifsoplockd]
6 0 root SW 0 0.0 0.0 [kupdated]
2 1 root SW 0 0.0 0.0 [keventd]
4 0 root SW 0 0.0 0.0 [kswapd]
5 0 root SW 0 0.0 0.0 [bdflush]
I connected by ssh, which also runs in inted mode, on demand.
I guess the biggest service you could disable would be the web interface, there is also a small "upgrader" binary installed on the ram disk /var which can be deleted if you do not intend to web upgrade. I also use crond to log stats, the above info is after 44 hours continuous operation without disconnect.
- thechief
- RouterTech Team
- Posts: 12067
- Joined: Wed Feb 01, 2006 10:22 pm
- Location: England, the Centre of Africa
- Contact:
Re: RouterTech Firmware 2.91.1 Discussion
Surely it's cheaper and easier to buy some el-cheapo on Ebay? Apart from that, adding extra RAM to the router is not guaranteed to work - particularly, you might need to upgrade your bootloader.eua wrote:If you have chance (like ability to solder etc.) you could consider to install 64MB RAM to your router. >:)
Router RAM Upgrade
The Chief: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
No support via PM. Ask all questions on the open forum.
Re: RouterTech Firmware 2.91.1 Discussion
Thanks for the infos.mstombs wrote:@gibran
Lots of questions:- some answers
The second instance of thttpd when viewing diagnostics is due to the viewing mechanism
telnetd runs in 'inetd' mode, the binary is only run on demand - the inetd daemon is cm_pc I believe.
There is a memory allocation per contrack entry - I've seen a message somewhere, I think 8192 is far too high for your ram challenged router
My dlink mem and ps info are:
Code: Select all
~ # mem
total: used: free: shared: buffers: cached:
Mem: 6414336 6070272 344064 0 208896 2252800
Swap: 0 0 0
MemTotal: 6264 kB
MemFree: 336 kB
MemShared: 0 kB
Buffers: 204 kB
Cached: 2200 kB
SwapCached: 0 kB
Active: 2084 kB
Inactive: 1432 kB
HighTotal: 0 kB
HighFree: 0 kB
LowTotal: 6264 kB
LowFree: 336 kB
SwapTotal: 0 kB
SwapFree: 0 kB
~ # ps
PID USER VSZ STAT COMMAND
1 root 972 S init
2 root 0 SW [keventd]
3 root 0 SWN [ksoftirqd_CPU0]
4 root 0 SW [kswapd]
5 root 0 SW [bdflush]
6 root 0 SW [kupdated]
7 root 0 SW [mtdblockd]
81 root 1228 S /usr/sbin/thttpd -d /usr/www -u root -p 80 -c /cgi-bi
83 root 2064 S /usr/bin/cm_pc
85 root 3464 S /usr/bin/cm_logic -m /dev/ticfg -c /etc/config.xml
180 root 972 S init
770 root 628 R /sbin/utelnetd
771 root 988 S -sh
783 root 972 R ps
Is there some rule to estimate the max contrack based on free memory?
mstombs wrote: What kind of bridged mode ar you considering? PPPOE full bridge mode should not need conntrack. I tend to run my larger ram modem in RouterTech pppoa half-bridge mode, with as much turned off as possible - it currently reports this process/memory usage:-
I am never too sure how much of the cache and buffers memory is actually available - but there is masses of free ram the Linux OS can't find a use for!
I connected by ssh, which also runs in inted mode, on demand.
I guess the biggest service you could disable would be the web interface, there is also a small "upgrader" binary installed on the ram disk /var which can be deleted if you do not intend to web upgrade. I also use crond to log stats, the above info is after 44 hours continuous operation without disconnect.
I was referring to my current config, Dlink is set to
Connection type: bridge
Sharing disabled (I was not able to find info about that setting)
Dlink is attached on a buffalo WRH-G54S (16 Mb; 6 Mb free) set to gateway and PPPoE (conntrack currently set to 3079)
Originally the advice to set the modem to bridge came with buffalo g54s manual. there were not much info other than having a modem (dlink in my case) with NAT enabled could cause issue with its branded firmware (now superseded by an opensource firmware).
ATM I'm not able to understand if the dlink specs could possibly cause a bottleneck with my current setup.
If setting Dlink-320T to Bridge connection type delegate the connection tracking to WRH-G54S could I avoid to find a substitutive device?
- thechief
- RouterTech Team
- Posts: 12067
- Joined: Wed Feb 01, 2006 10:22 pm
- Location: England, the Centre of Africa
- Contact:
Re: RouterTech Firmware 2.91.1 Discussion
WRT conntrack, this might help: http://iptables-tutorial.frozentux.net/ ... x1309.html
The Chief: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
No support via PM. Ask all questions on the open forum.
Re: RouterTech Firmware 2.91.1 Discussion
thechief wrote:WRT conntrack, this might help: http://iptables-tutorial.frozentux.net/ ... x1309.html
Thanks
It looks like 8192 is too much for both appliances.
Though it also mention that the value is automatically calculated by the kernel.From: http://iptables-tutorial.frozentux.net/ ... x1309.html
How many connections that the connection tracking table can hold depends upon a variable that can be set through the ip-sysctl functions in recent kernels. The default value held by this entry varies heavily depending on how much memory you have. On 128 MB of RAM you will get 8192 possible entries, and at 256 MB of RAM, you will get 16376 entries
Was 3079 ip_conntrack_max I got on the dlink automatically calculated as well?
Following the conntrack lead I found Memory usage/tuning for ip_conntrack
it mention that /proc/slabinfo provide a way to know how much memory is used by each tracked connection
Code: Select all
ip_conntrack 2 10 384 1 1 1
using 344064 (free) provided by mem that would give me about 896 connections.
According to the info provided elsewhere buckets stands for hashsize and if I did not misinterpret the number of currently allocated buckets can be read from /proc/sys/net/ipv4/netfilter/ip_conntrack_buckets
Code: Select all
/var # cat /proc/sys/net/ipv4/netfilter/ip_conntrack_buckets
128
The first resource I found mention that the conntrack max is usually eight times the bucket value (though it is advised to set a 2:1 ration on less memory constrained systems like PCs)
If I did not misunderstand in my case would be 1024 (128 * 8 ) max but actually less than 896 due to free-memory constraints.
Is that correct?
Would setting dlink to bridge connection type allow me to bypass those hardware-related limitations?
- thechief
- RouterTech Team
- Posts: 12067
- Joined: Wed Feb 01, 2006 10:22 pm
- Location: England, the Centre of Africa
- Contact:
Re: RouterTech Firmware 2.91.1 Discussion
Don't understand most of this. You might want to ask these questions on a dedicated Linux networking newsgroup!
The Chief: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
No support via PM. Ask all questions on the open forum.
Re: RouterTech Firmware 2.91.1 Discussion
I will search around for a newsgroup.thechief wrote:You might want to ask these questions on a dedicated Linux networking newsgroup!
Could you confirm if ip_conntrack_buckets (128) and ip_conntrack_max (3079) have different values on your router than on my 8 MB dlink?
I would appreciate such hint.
Re: RouterTech Firmware 2.91.1 Discussion
I'm pretty sure running the modem in pppoe bridge mode is best if you have a router. If you have 3rd party firmware on the router it is easy to add a couple of firewall commands to still connect to the modem and check its memory usage. If your router can run Tomato, for example, you can graphically view and tune a lot of the tcp settings.
Re: RouterTech Firmware 2.91.1 Discussion
Roper FLYNET ADSL2/2+ Wireless Router (ROADSL2P-WG) upgraded to 2.91.1 release (routertech-ar7wrd-pspboot-firmware-20090922.zip) with no problem.
thank you!
thank you!
- thechief
- RouterTech Team
- Posts: 12067
- Joined: Wed Feb 01, 2006 10:22 pm
- Location: England, the Centre of Africa
- Contact:
Re: RouterTech Firmware 2.91.1 Discussion
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_buckets = 256gibran wrote:I will search around for a newsgroup.thechief wrote:You might want to ask these questions on a dedicated Linux networking newsgroup!
Could you confirm if ip_conntrack_buckets (128) and ip_conntrack_max (3079) have different values on your router than on my 8 MB dlink?
I would appreciate such hint.
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max = 6151 (set by RT firmware during init - as is your 3079).
The Chief: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
No support via PM. Ask all questions on the open forum.
- thechief
- RouterTech Team
- Posts: 12067
- Joined: Wed Feb 01, 2006 10:22 pm
- Location: England, the Centre of Africa
- Contact:
Re: RouterTech Firmware 2.91.1 Discussion
Excellent!acrux wrote:Roper FLYNET ADSL2/2+ Wireless Router (ROADSL2P-WG) upgraded to 2.91.1 release (routertech-ar7wrd-pspboot-firmware-20090922.zip) with no problem.
thank you!
The Chief: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
No support via PM. Ask all questions on the open forum.
Re: RouterTech Firmware 2.91.1 Discussion
Indeed I installed Tomato on that router though to figure out how to adapt those firewall rules to access the modem webif took me an entire day whereas I tried unsuccessfully other times for an entire year only to give up.mstombs wrote:I'm pretty sure running the modem in pppoe bridge mode is best if you have a router. If you have 3rd party firmware on the router it is easy to add a couple of firewall commands to still connect to the modem and check its memory usage. If your router can run Tomato, for example, you can graphically view and tune a lot of the tcp settings.
Months ago if I had to check the modem settings I had to connect the modem directly to a PC
Though I have still a lot to learn about linux based firmwares I soon appreciated the efforts of this and other teams offering security and usability updates with continual development and support (Thanks)
The reason I started looking into conntrack was DLink 320T, the reason it is unreliable paper where the author was running DSL-320T with a stock firmware in bridged mode (though attached to a PC).
Relying on those info I assumed that the DSL-320 limitations would apply also to upstream appliances even in bridged mode although it is still counterintuitive for me.
I'll try to carry a stress-test and check dlink log for related warnings.
EDIT: After some testing I found out I failed to properly read that paper.
Last edited by gibran on Sun Oct 04, 2009 2:59 pm, edited 2 times in total.
Re: RouterTech Firmware 2.91.1 Discussion
Thanks,thechief wrote: cat /proc/sys/net/ipv4/netfilter/ip_conntrack_buckets = 256
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max = 6151 (set by RT firmware during init - as is your 3079).
I will leave mine to the defaults and avoid fiddling with the /proc-s
Meanwhile I guess I can indirectly confirm if the memory constraints of my modem apply also to bridge connection type by running a network intensive app and confirm a capping at 3079.
EDIT: The modem conntrack limits do not apply in bridged mode.
It was my mistake to assume so as it was also pointed out in the resource I blatantly misinterpreted.
The scenario described applied only to the dlink stock firmware due to mis-configured defaults.From: http://www.csc.liv.ac.uk/~greg/projects/dlink.html
Even seeing this problem is itself an error, as this is supposed to be a bridging modem. For some reason, the modem contains a NATing rule which NATs all outgoing connections. This rule can be safely removed.
Sorry to have dragged you all in my negligent confusion.
And thanks again for the indulgent help.
Last edited by gibran on Mon Oct 05, 2009 12:57 am, edited 1 time in total.
Re: RouterTech Firmware 2.91.1 Discussion
There is a big difference between pppoe full bridge and pppoa half bridge. In the example Greg gives the modem is a router doing D-Link's implementation of half-bridge ZipB - I believe D-Link have actually fixed the issue of running NAT when they do not need to in more recent firmwares.