RouterTech Firmware 2.91.1 Discussion

All about firmwares for routers. Support for RouterTech firmwares is here too.
Post Reply
User avatar
eua
Novice
Novice
Posts: 36
Joined: Mon May 18, 2009 4:24 pm
Location: Istanbul, Turkey
Contact:

Re: RouterTech Firmware 2.91.1 Discussion

Post by eua » Sat Oct 03, 2009 4:20 pm

If you have chance (like ability to solder etc.) you could consider to install 64MB RAM to your router. >:)
Router RAM Upgrade
mstombs
RouterTech Team
RouterTech Team
Posts: 3753
Joined: Wed Jan 10, 2007 11:54 pm

Re: RouterTech Firmware 2.91.1 Discussion

Post by mstombs » Sat Oct 03, 2009 4:21 pm

@gibran

Lots of questions:- some answers

The second instance of thttpd when viewing diagnostics is due to the viewing mechanism

telnetd runs in 'inetd' mode, the binary is only run on demand - the inetd daemon is cm_pc I believe.

There is a memory allocation per contrack entry - I've seen a message somewhere, I think 8192 is far too high for your ram challenged router

What kind of bridged mode ar you considering? PPPOE full bridge mode should not need conntrack. I tend to run my larger ram modem in RouterTech pppoa half-bridge mode, with as much turned off as possible - it currently reports this process/memory usage:-

Code: Select all

Mem: 10844K used, 3240K free, 0K shrd, 1308K buff, 4364K cached
CPU:  0.5% usr  0.5% sys  0.0% nic 98.8% idle  0.0% io  0.0% irq  0.0% sirq
Load average: 0.00 0.00 0.00 2/18 663
  PID  PPID USER     STAT   VSZ %MEM %CPU COMMAND
  660    92 root     S     1408  9.9  0.5 /usr/sbin/dropbear
  663   661 root     R     1048  7.4  0.4 top
   94    92 root     S     3640 25.7  0.0 /usr/bin/cm_logic -m /dev/ticfg -c /et
  248    92 root     S     2392 16.9  0.0 /usr/sbin/pppd plugin pppoa 0.38 user
   92     1 root     S     2092 14.8  0.0 /usr/bin/cm_pc
   91     1 root     S     1204  8.5  0.0 /usr/sbin/thttpd -d /usr/www -u root -
  661   660 root     S     1056  7.4  0.0 -sh
  351     1 root     S     1048  7.4  0.0 crond -b
    1     0 root     S     1040  7.3  0.0 init
  190     1 root     S     1040  7.3  0.0 init
  455     1 root     S      684  4.8  0.0 /usr/sbin/udhcpd /var/tmp/pppHBdhcpd.c
    3     0 root     SWN      0  0.0  0.0 [ksoftirqd_CPU0]
    8     1 root     SW       0  0.0  0.0 [mtdblockd]
    7     1 root     SW       0  0.0  0.0 [cifsoplockd]
    6     0 root     SW       0  0.0  0.0 [kupdated]
    2     1 root     SW       0  0.0  0.0 [keventd]
    4     0 root     SW       0  0.0  0.0 [kswapd]
    5     0 root     SW       0  0.0  0.0 [bdflush]
I am never too sure how much of the cache and buffers memory is actually available - but there is masses of free ram the Linux OS can't find a use for!

I connected by ssh, which also runs in inted mode, on demand.

I guess the biggest service you could disable would be the web interface, there is also a small "upgrader" binary installed on the ram disk /var which can be deleted if you do not intend to web upgrade. I also use crond to log stats, the above info is after 44 hours continuous operation without disconnect.
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: RouterTech Firmware 2.91.1 Discussion

Post by thechief » Sat Oct 03, 2009 4:29 pm

eua wrote:If you have chance (like ability to solder etc.) you could consider to install 64MB RAM to your router. >:)
Router RAM Upgrade
Surely it's cheaper and easier to buy some el-cheapo on Ebay? Apart from that, adding extra RAM to the router is not guaranteed to work - particularly, you might need to upgrade your bootloader.
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
gibran
Novice
Novice
Posts: 11
Joined: Sat Jun 30, 2007 6:42 pm

Re: RouterTech Firmware 2.91.1 Discussion

Post by gibran » Sat Oct 03, 2009 5:06 pm

mstombs wrote:@gibran

Lots of questions:- some answers

The second instance of thttpd when viewing diagnostics is due to the viewing mechanism

telnetd runs in 'inetd' mode, the binary is only run on demand - the inetd daemon is cm_pc I believe.

There is a memory allocation per contrack entry - I've seen a message somewhere, I think 8192 is far too high for your ram challenged router
Thanks for the infos.
My dlink mem and ps info are:

Code: Select all

~ # mem
        total:    used:    free:  shared: buffers:  cached:
Mem:   6414336  6070272   344064        0   208896  2252800
Swap:        0        0        0
MemTotal:         6264 kB
MemFree:           336 kB
MemShared:           0 kB
Buffers:           204 kB
Cached:           2200 kB
SwapCached:          0 kB
Active:           2084 kB
Inactive:         1432 kB
HighTotal:           0 kB
HighFree:            0 kB
LowTotal:         6264 kB
LowFree:           336 kB
SwapTotal:           0 kB
SwapFree:            0 kB
~ # ps
  PID USER       VSZ STAT COMMAND
    1 root       972 S    init
    2 root         0 SW   [keventd]
    3 root         0 SWN  [ksoftirqd_CPU0]
    4 root         0 SW   [kswapd]
    5 root         0 SW   [bdflush]
    6 root         0 SW   [kupdated]
    7 root         0 SW   [mtdblockd]
   81 root      1228 S    /usr/sbin/thttpd -d /usr/www -u root -p 80 -c /cgi-bi
   83 root      2064 S    /usr/bin/cm_pc
   85 root      3464 S    /usr/bin/cm_logic -m /dev/ticfg -c /etc/config.xml
  180 root       972 S    init
  770 root       628 R    /sbin/utelnetd
  771 root       988 S    -sh
  783 root       972 R    ps
If the allocation is dynamic would my 320k be enough for the 3079 default? I will lower the value if advised and buy another router to use for modem purposes as suggested.
Is there some rule to estimate the max contrack based on free memory?
mstombs wrote: What kind of bridged mode ar you considering? PPPOE full bridge mode should not need conntrack. I tend to run my larger ram modem in RouterTech pppoa half-bridge mode, with as much turned off as possible - it currently reports this process/memory usage:-


I am never too sure how much of the cache and buffers memory is actually available - but there is masses of free ram the Linux OS can't find a use for!

I connected by ssh, which also runs in inted mode, on demand.

I guess the biggest service you could disable would be the web interface, there is also a small "upgrader" binary installed on the ram disk /var which can be deleted if you do not intend to web upgrade. I also use crond to log stats, the above info is after 44 hours continuous operation without disconnect.

I was referring to my current config, Dlink is set to

Connection type: bridge
Sharing disabled (I was not able to find info about that setting)

Dlink is attached on a buffalo WRH-G54S (16 Mb; 6 Mb free) set to gateway and PPPoE (conntrack currently set to 3079)

Originally the advice to set the modem to bridge came with buffalo g54s manual. there were not much info other than having a modem (dlink in my case) with NAT enabled could cause issue with its branded firmware (now superseded by an opensource firmware).

ATM I'm not able to understand if the dlink specs could possibly cause a bottleneck with my current setup.

If setting Dlink-320T to Bridge connection type delegate the connection tracking to WRH-G54S could I avoid to find a substitutive device?
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: RouterTech Firmware 2.91.1 Discussion

Post by thechief » Sat Oct 03, 2009 5:48 pm

The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
gibran
Novice
Novice
Posts: 11
Joined: Sat Jun 30, 2007 6:42 pm

Re: RouterTech Firmware 2.91.1 Discussion

Post by gibran » Sat Oct 03, 2009 6:55 pm

thechief wrote:WRT conntrack, this might help: http://iptables-tutorial.frozentux.net/ ... x1309.html

Thanks

It looks like 8192 is too much for both appliances. :shock:
From: http://iptables-tutorial.frozentux.net/ ... x1309.html

How many connections that the connection tracking table can hold depends upon a variable that can be set through the ip-sysctl functions in recent kernels. The default value held by this entry varies heavily depending on how much memory you have. On 128 MB of RAM you will get 8192 possible entries, and at 256 MB of RAM, you will get 16376 entries
Though it also mention that the value is automatically calculated by the kernel.

:?: Was 3079 ip_conntrack_max I got on the dlink automatically calculated as well?

Following the conntrack lead I found Memory usage/tuning for ip_conntrack

it mention that /proc/slabinfo provide a way to know how much memory is used by each tracked connection

Code: Select all

ip_conntrack           2     10    384    1    1    1
if so the mem required is 384 bytes for each connection.

using 344064 (free) provided by mem that would give me about 896 connections.

According to the info provided elsewhere buckets stands for hashsize and if I did not misinterpret the number of currently allocated buckets can be read from /proc/sys/net/ipv4/netfilter/ip_conntrack_buckets

Code: Select all

/var # cat /proc/sys/net/ipv4/netfilter/ip_conntrack_buckets
128
The number of buckets allocated on my dlink are 128

The first resource I found mention that the conntrack max is usually eight times the bucket value (though it is advised to set a 2:1 ration on less memory constrained systems like PCs)



If I did not misunderstand in my case would be 1024 (128 * 8 ) max but actually less than 896 due to free-memory constraints.

:?: Is that correct?
:?: Would setting dlink to bridge connection type allow me to bypass those hardware-related limitations?
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: RouterTech Firmware 2.91.1 Discussion

Post by thechief » Sat Oct 03, 2009 9:28 pm

Don't understand most of this. You might want to ask these questions on a dedicated Linux networking newsgroup!
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
gibran
Novice
Novice
Posts: 11
Joined: Sat Jun 30, 2007 6:42 pm

Re: RouterTech Firmware 2.91.1 Discussion

Post by gibran » Sat Oct 03, 2009 10:58 pm

thechief wrote:You might want to ask these questions on a dedicated Linux networking newsgroup!
I will search around for a newsgroup.

Could you confirm if ip_conntrack_buckets (128) and ip_conntrack_max (3079) have different values on your router than on my 8 MB dlink?

I would appreciate such hint.
mstombs
RouterTech Team
RouterTech Team
Posts: 3753
Joined: Wed Jan 10, 2007 11:54 pm

Re: RouterTech Firmware 2.91.1 Discussion

Post by mstombs » Sun Oct 04, 2009 10:45 am

I'm pretty sure running the modem in pppoe bridge mode is best if you have a router. If you have 3rd party firmware on the router it is easy to add a couple of firewall commands to still connect to the modem and check its memory usage. If your router can run Tomato, for example, you can graphically view and tune a lot of the tcp settings.
User avatar
acrux
Novice
Novice
Posts: 15
Joined: Thu Aug 03, 2006 11:50 pm
Location: Naples, IT

Re: RouterTech Firmware 2.91.1 Discussion

Post by acrux » Sun Oct 04, 2009 10:52 am

Roper FLYNET ADSL2/2+ Wireless Router (ROADSL2P-WG) upgraded to 2.91.1 release (routertech-ar7wrd-pspboot-firmware-20090922.zip) with no problem.

thank you!
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: RouterTech Firmware 2.91.1 Discussion

Post by thechief » Sun Oct 04, 2009 1:29 pm

gibran wrote:
thechief wrote:You might want to ask these questions on a dedicated Linux networking newsgroup!
I will search around for a newsgroup.

Could you confirm if ip_conntrack_buckets (128) and ip_conntrack_max (3079) have different values on your router than on my 8 MB dlink?

I would appreciate such hint.
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_buckets = 256
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max = 6151 (set by RT firmware during init - as is your 3079).
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: RouterTech Firmware 2.91.1 Discussion

Post by thechief » Sun Oct 04, 2009 1:30 pm

acrux wrote:Roper FLYNET ADSL2/2+ Wireless Router (ROADSL2P-WG) upgraded to 2.91.1 release (routertech-ar7wrd-pspboot-firmware-20090922.zip) with no problem.

thank you!
Excellent!
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
gibran
Novice
Novice
Posts: 11
Joined: Sat Jun 30, 2007 6:42 pm

Re: RouterTech Firmware 2.91.1 Discussion

Post by gibran » Sun Oct 04, 2009 1:40 pm

mstombs wrote:I'm pretty sure running the modem in pppoe bridge mode is best if you have a router. If you have 3rd party firmware on the router it is easy to add a couple of firewall commands to still connect to the modem and check its memory usage. If your router can run Tomato, for example, you can graphically view and tune a lot of the tcp settings.
Indeed I installed Tomato on that router though to figure out how to adapt those firewall rules to access the modem webif took me an entire day whereas I tried unsuccessfully other times for an entire year only to give up. :(

Months ago if I had to check the modem settings I had to connect the modem directly to a PC :oops:

Though I have still a lot to learn about linux based firmwares I soon appreciated the efforts of this and other teams offering security and usability updates with continual development and support (Thanks)

The reason I started looking into conntrack was DLink 320T, the reason it is unreliable paper where the author was running DSL-320T with a stock firmware in bridged mode (though attached to a PC).

Relying on those info I assumed that the DSL-320 limitations would apply also to upstream appliances even in bridged mode although it is still counterintuitive for me.

I'll try to carry a stress-test and check dlink log for related warnings.

EDIT: After some testing I found out I failed to properly read that paper. :oops:
Last edited by gibran on Sun Oct 04, 2009 2:59 pm, edited 2 times in total.
gibran
Novice
Novice
Posts: 11
Joined: Sat Jun 30, 2007 6:42 pm

Re: RouterTech Firmware 2.91.1 Discussion

Post by gibran » Sun Oct 04, 2009 1:51 pm

thechief wrote: cat /proc/sys/net/ipv4/netfilter/ip_conntrack_buckets = 256
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max = 6151 (set by RT firmware during init - as is your 3079).
Thanks,

I will leave mine to the defaults and avoid fiddling with the /proc-s


Meanwhile I guess I can indirectly confirm if the memory constraints of my modem apply also to bridge connection type by running a network intensive app and confirm a capping at 3079.

EDIT: The modem conntrack limits do not apply in bridged mode.

It was my mistake to assume so as it was also pointed out in the resource I blatantly misinterpreted.
From: http://www.csc.liv.ac.uk/~greg/projects/dlink.html

Even seeing this problem is itself an error, as this is supposed to be a bridging modem. For some reason, the modem contains a NATing rule which NATs all outgoing connections. This rule can be safely removed.
The scenario described applied only to the dlink stock firmware due to mis-configured defaults.

Sorry to have dragged you all in my negligent confusion. :oops:

And thanks again for the indulgent help.
Last edited by gibran on Mon Oct 05, 2009 12:57 am, edited 1 time in total.
mstombs
RouterTech Team
RouterTech Team
Posts: 3753
Joined: Wed Jan 10, 2007 11:54 pm

Re: RouterTech Firmware 2.91.1 Discussion

Post by mstombs » Sun Oct 04, 2009 5:08 pm

There is a big difference between pppoe full bridge and pppoa half bridge. In the example Greg gives the modem is a router doing D-Link's implementation of half-bridge ZipB - I believe D-Link have actually fixed the issue of running NAT when they do not need to in more recent firmwares.
Post Reply