Conntrack table memory usage

Denna

Senior Member
@RMerlin,

I've been looking at ways to minimize router resource usage caused by external Internet hosts.

One of the ways to minimize CPU usage and conntrack table entries was to implement the following rule.

Code:
iptables -t mangle -I PREROUTING -i <wan_face> -m state --state NEW -j DROP

On an Asus RT-AC88U, if you run the following command ...

Code:
sysctl net.ipv4.netfilter.ip_conntrack_max
... you get 300,000.

Does that mean this router is configured with a maximum of 300,000 simultaneous connections ?

If each conntrack entry is 350 bytes, doesn't that amount to more than 100 MB of memory usage ?

Is that right ?
 
@RMerlin,

Is the above setting a typo or the expected value for Asuswrt / Asuswrt-Merlin ?
 
It's the normal default......you can change it on the Tools > Other Settings page.
 
@john9527,

Thanks for the reply.

Are 300,000 connections for a home router really necessary ?

That's a lot of memory to be assigned to connection tracking.
 
IMHO, it's a great marketing bullet point, and nothing more. :)

I think most of the memory is dynamically allocated, so that probably isn't a big concern. If you do a search, I seem to remember a thread that discussed the other potential performance impacts of using that large a value. Personally, I have it set to the kernel default, which on my system is about 30,000. If you look on the Tools > Sysinfo page, you can see the actual number of connections you are actually using.
 
What WebGUI is reporting now ...

[Attached image: CNT.jpg]

Alert ! Alert ! I only have 299,866 available connections left !

I seriously believe 300,000 max connections is a typo, because the CPU(s) needed to support that many connections is probably not in this router. :eek:

What application(s) could possibly use that many connections - streaming, gaming ? By how many clients ?
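
An added example, not part of any post in this thread: a shell sketch that separates the memory the conntrack table holds right now from the ceiling it could only reach if every slot up to the configured maximum were filled. It assumes the kernel exposes a slab cache named `nf_conntrack` in `/proc/slabinfo` (readable by root); the sample lines are constructed, with 134 active entries, and are used only when the live file is unavailable.

```shell
#!/bin/sh
# Constructed sample in /proc/slabinfo layout (not captured from a real router):
#   name  active_objs  num_objs  objsize  objperslab  pagesperslab ...
SAMPLE_SLABINFO='nf_conntrack_expect     0     0   152  26  1 : tunables 0 0 0 : slabdata 0 0 0
nf_conntrack          134   176   352  11  1 : tunables 0 0 0 : slabdata 16 16 0'

# slab_field TEXT N -> column N of the nf_conntrack cache line (exact name match,
# so nf_conntrack_expect is not picked up by mistake)
slab_field() {
    printf '%s\n' "$1" | awk -v n="$2" '$1 == "nf_conntrack" { print $n; exit }'
}

# allocated_bytes TEXT -> memory the cache holds right now (num_objs * objsize)
allocated_bytes() {
    echo $(( $(slab_field "$1" 3) * $(slab_field "$1" 4) ))
}

# ceiling_bytes MAX ENTRY_SIZE -> memory reached only if the table is full
ceiling_bytes() {
    echo $(( $1 * $2 ))
}

# first_readable FILE... -> contents of the first readable file, else nothing
first_readable() {
    for f in "$@"; do
        if [ -r "$f" ]; then cat "$f" 2>/dev/null; return 0; fi
    done
    return 0
}

report() {
    slab=$(first_readable /proc/slabinfo)
    # Fall back to the constructed sample when no live nf_conntrack line is found.
    [ -n "$(slab_field "$slab" 4)" ] || slab=$SAMPLE_SLABINFO
    max=$(first_readable /proc/sys/net/netfilter/nf_conntrack_max \
                         /proc/sys/net/ipv4/netfilter/ip_conntrack_max)
    max=${max:-300000}   # value quoted in the thread, used if neither file exists
    size=$(slab_field "$slab" 4)
    echo "entry size:      $size bytes"
    echo "allocated now:   $(allocated_bytes "$slab") bytes"
    echo "ceiling at max:  $(ceiling_bytes "$max" "$size") bytes"
}
report
```

With the figures from the first post, `ceiling_bytes 300000 350` gives 105000000 bytes, which is a limit on growth rather than memory reserved up front.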
 