Opened 10 years ago

Closed 6 years ago

#464 closed enhancement (test_in_newer_version)

nreasonably low ip_conntrack_tcp_timeout_established

Reported by: dogun_droppa.geo@… Owned by:
Priority: normal Milestone:
Component: fon-base-firmware Version: Unknown
Severity: unknown
Cc: Hardware: unknown


This ticket is a request for the development community to evaluate the benefit of setting ip_conntrack_tcp_timeout established to 3600s.

My take: With the Fonera's keepalive interval being set as low as it is, there is almost no chance you will be reaping dysfunctional connections at 3600s - you will instead be reaping functional ones.

Perhaps there is a misguided DoS related concern - if so, I would note that at this stage in the post-DoS era, most services put relatively low limits on the number of clients they are willing to serve simultaneously and/or reap stale connections themselves. No self-respecting service is expecting a router to reap their mess for them.

Most client applications that open hundreds of connections have the same types of things built in - nobody likes hung UI, and no P2P app likes peers that just sit there not talking when it's their turn. None of these apps are hoping for a router to reap their mess for them.

All in all, I don't expect most people have a significant number of tcp connections open that are older than an hour - however, a significant number of us do have a few such connections, and low timeouts can be a real pain. Please consider setting the value to something friendlier, like 5 days.

Attachments (0)

Change History (2)

comment:1 Changed 9 years ago by matthijs

  • Milestone Requests deleted

Milestone Requests deleted

comment:2 Changed 6 years ago by matthijs

  • Hardware set to unknown
  • Resolution set to test_in_newer_version
  • Severity set to unknown
  • Status changed from new to closed
  • Type changed from task to enhancement
  • Version set to Unknown

As part of the upcoming firmware release, we're reviewing old open tickets to see if they are still relevant, which is why you get this response now.

If this issue still occurs with the rc2 firmware, feel free to leave a comment here so we can further investigate.

Add Comment

Modify Ticket

as closed The ticket will remain with no owner.

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.