Menu
What's new
By:
Filters Better Search

Conntrack table memory usage

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

D

Denna

Senior Member
@RMerlin,

I've been looking at ways to minimize router resource usage caused by external Internet hosts.

One of the ways to minimize CPU usage and conntrack table entries was to implement the following rule.

Code: 
iptables -t mangle -I PREROUTING -i <wan_face> -m state --state NEW -j DROP

On an Asus RT-AC88U, if you run the following command ...

Code: 
sysctl net.ipv4.netfilter.ip_conntrack_max
... you get 300,000.

Does that mean this router is configured with a maximum of 300,000 simultaneous connections ?

If each conntrack entry is 350 bytes, doesn't that amount to more than 100 MB of memory usage ?

Is that right ?​
 
Last edited:
@RMerlin,

Is the above setting a typo or the expected value for Asuswrt / Asuswrt-Merlin ?​
 
It's the normal default......you can change it on the Tools > Other Settings page.
 
@john9527,

Thanks for the reply.

Are 300,000 connections for a home router really necessary ?

That's a lot of memory to be assigned to connection tracking.​
 
Denna said:
@john9527,

Thanks for the reply.

Are 300,000 connections for a home router really necessary ?

That's a lot of memory to be assigned to connection tracking.​
Click to expand...
IMHO, it's a great marketing bullet point, and nothing more. :)

I think most of the memory is dynamically allocated, so that probably isn't a big concern. If you do a search, I seem to remember a thread that discussed the other potential performance impacts of using that large a value. Personally, I have it set to the kernel default, which on my system is about 30,000. If you look on the Tools > Sysinfo page, you can see the actual number of connections you are actually using.
 
What WebGUI is reporting now ...

CNT.jpg


Alert ! Alert ! I only have 299,866 available connections left !

I seriously believe 300,000 max connections is a typo, because the CPU(s) need to support that many connections is probably not in this router. :eek:

What application(s) could possible use that many connections - streaming, gaming ? By how many clients ?
 
You must log in or register to reply here.

Similar threads

sfx2000
[update] - QTS 4.3.4.0427 build 20171223
Replies
1
Views
3K
FatherLandDescendant
F
M
Limited but effective QoS for Asus routers with CTF/hardware acceleration
Replies
14
Views
7K
ml70
M
Similar threads
Thread starter Title Forum Replies Date
H add_wlc_event_tbl(1040): client table was full Asuswrt-Merlin 0
P IPv6 routing table flags Asuswrt-Merlin 2
T Unable to edit Firewall - Network Services Filter Table on RT-AX88U Pro (fw. 388.3) Asuswrt-Merlin 30
ExtremeFiretop Multiple "WAN_Connection: Fail to connect with some issues" and "nf_conntrack: expectation table full" Asuswrt-Merlin 5
S Asus Merlin 386.10 on AC68U - keep losing port forwarding table - no data in table Asuswrt-Merlin 2
C Asuswrt-Merlin 3004.388.6 Memory Leak Asuswrt-Merlin 13
L Does the latest AsusWRT/Merlin FW has a memory leak? Asuswrt-Merlin 20
C GT-AXE 16000 Latest Merlin and latest Stock both have memory leaks Asuswrt-Merlin 4
L Why the AX88U Pro uses 28% more RAM memory than the AX88U? Asuswrt-Merlin 11
I RT-AC3200 Merlin 384.13.10 - e2fsck abort with 'Memory Allocation failed' (10 GB swapfile!) Asuswrt-Merlin 14

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 859 (members: 20, guests: 839)
Top