Hi Do you block P2P traffic in your routers?, you might use module ipp2p, How many RAM do you have in your routers Linux?. Assure that MTU is configured for lower 1500 in your networks cards, in many cases 1492. On 3/5/07, John Philips <johnphilips42@xxxxxxxxx> wrote:
Hey guys, I have several Linux routers in place at high-usage locations (student apartment complexes). I'm having trouble with some of the routers which use 6Mbit DSL lines as their Internet feed. The routers use PPPoE and perform NAT. During peak usage periods, the routers are dropping alot of packets. I'm lead to believe this is because there are too many active connections. For example, when I ping the WAN IP address of one of the routers from a remote location, I may start getting replies immediately. But during peak periods, the first several pings usually time out and then they just start responding. Sometimes they start responding on the 4th ping, sometimes the 12th, etc., it's pretty random. I searched the web and tried increasing my gc_cache settings, but it didn't make a difference. echo 512 > /proc/sys/net/ipv4/neigh/default/gc_thresh1 echo 2048 > /proc/sys/net/ipv4/neigh/default/gc_thresh2 echo 4096 > /proc/sys/net/ipv4/neigh/default/gc_thresh3 The other notable difference is that the conntrack tables are much larger than normal. `wc -l /proc/net/ip_conntrack` returns >19000 on the routers experiencing packet loss while virtually all of the other routers (not having this issue) have less than 5000 entries in ip_conntrack. I tried increasing ip_conntrack_max in /proc, setting it to 65536 - didn't make a difference. Are there any other /proc settings I should change to improve performance? Any tips on analyzing the ip_conntrack data to find oddities? FYI I'm using kernel 2.4.25. I'd rather not upgrade to 2.6 since doing so in the past has introduced more problems! Thanks. ____________________________________________________________________________________ No need to miss a message. Get email on-the-go with Yahoo! Mail for Mobile. Get started. http://mobile.yahoo.com/mail _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
-- "The network is the computer" _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
