deoshermes Posted August 2, 2010 Report Share Posted August 2, 2010 I used to have an SMC7904WBRA router/ADSL2+ modem and used uTorrent without any problems and could have 10-15 active torrents with the standard 'Bandwith' settings applied in uTorrent. Suddenly about a half a year ago I started experiencing huge SYN floods that interreupted my internet connection, sometimes the router got in some loop of some sort and couldn't even access it over the network by browsing to 192.168.2.1The only option was to restart the router; this I had to do that often, the on/off button on the router broke so I needed to buy a new router.This was the slightly newer version SMC7904WBRA-N router/ADSL2+ modem. At first I could run 10-15 torrents in utorrent just like with my prior modem, but soon it started experiencing SYN floods again, and a lot of them. The upside is that this modem could restart itself most of the time so I dont need to turn it on and off again manually every single time.But now I am really starting to get sick of this behavior. I have tried lowering the number of connections, global, maximum per torrent and upload slots. global download and upload rate both limited to about 80% of my max speeds.I tried disabling my router firewall, windows firewall, enabling DMZ for the pc I use uTorrent on, and all the things recommended in the "IF YOU HAVE SPEED ISSUES READ HERE FIRST" post.Even if I set the router firewall settings to low detection criteria, it gets SYN floods, UDP floods and Smurf attacks. I don't think someone is attacking me:#1 Just last Friday my ISP changed my IP address#2 if I close uTorrent I get no SYN floods, neverSo I think uTorrent is causing these interruptions and I really don't know what to do anymore. I only use uTorrent on my Desktop computer with W7 ultimate 64bit, Intel i7 920, 6GB Kingston DDR3, 640GB WDC Green running AVG and Windows Firewall which allows uTorrent.I also have two laptops and another desktop, but the problem also occurs when they are powered off. I have a Synology DS207+ NAS that runs 24/7 and I am pretty sure it is not the cause of the problem.Current settings uTorrent: Bandwith:Max upload: 80alternate upload: uncheckedMax download: 800global max connections: 50max number connected peers per torrent: 25upload slots: 4additional slots: uncheckedConnection:I disabled UPnP port mappingdisabled NAT-PMP port mappingdisabled randomize portenabled add Windows Firewall exceptionNO ProxyMy ADSL speed: max 20Mbit down (in reality about 10Mbit) and 1Mbit up ISP: Online B.V. (Netherlands) formerly known as Orange and WanadooIn advanced set bt.connect_speed to 4set bt.tcp_rate_control to falseset bt.transp_disposition to 5net.max_halfopen to 50Using NAT I forward the proper port to my computer with static IP, tests in uTorrent turn out well, port is open and I receive incoming connections. Network status is green. DHT disabled Private trackers also work.The infamous SMC firewall settings:connection policy:Fragmentation half-open wait: 20 secsTCP SYN wait: 30 secsTCP FIN wait: 5 secsTCP connection idle timeout: 3600 secsUDP session idle timeout: 30 secsH.323 data channel idle timeout 180 secsDoS detect criteria:total incomplete TCP/UDP sessions HIGH: 300 sessiontotal incomplete TCP/UDP sessions LOW: 250 sessionincomplete TCP/UDP session per min HIGH: 250 sessionincomplete TCP/UDP session per min LOW: 200 sessionMax incomplete TCP/UDP sessions number from same host: 10Incomplete TCP/UDP sessions detect sensitive time period: 300 msecmaximum half-open fragmentation packet number from same host: 30half-open fragmentation detect sensitive time period: 10000 msecflooding cracker block time: 300 secEven when I disable "SPI and Anti-DoS firewall protection" in the Intrusion Detection Feature section the internet connection gets interrupted.RIP detect is diabledDiscard Ping to WAN Interface is enabled.SPI section:Packet Fragmentation, TCP Connection, UDP session, FTP Service, H.323 Service, TFTP Service ALL EnabledI am really tired of walking to my router every 10-15 minutes or so and resetting the thing and would like to solve this. If unable I will just buy another router, even if this one is only about 2 months old. It's annoying when I want to access my computer from a remote location and find out the connection is down.Could someone please help? I read other posts about the same problem I am having (SMC + torrent) but am unable to find a proper solution like the proper settings for the SMC firewall and/or uTorrent?Thanks!! Link to comment Share on other sites More sharing options...
Switeck Posted August 2, 2010 Report Share Posted August 2, 2010 Have you tried asking the makers of the router?...Because the router seems over-aggressive in blocking.set bt.connect_speed to 4net.max_halfopen to 50Still pretty high for halfopen (it defaults to 8!)...and lowering bt.connect_speed to 1 would at least be the lowest rate for it.set bt.transp_disposition to 5Disabling Bandwidth Management (uTP) in Preferences, BitTorrent (in uTorrent v2.x) sets bt.transp_disposition to 21. Or are you using an old version of uTorrent? Link to comment Share on other sites More sharing options...
deoshermes Posted August 2, 2010 Author Report Share Posted August 2, 2010 thanksFYI: I can change all the values/settings in the router. So if I should try change any value, you could propose something.I did contact SMC technical support, but am still waiting for a replywhat do those things actually do??bt.connect_speed net.max_halfopenbt.transp_dispositionwhen I reset net.max_halfopen the value changes to 100!! so I don't thinkg 8 is default.I run uTorrent 2.0 (build 18620) and Bandwith Management has been disabled all the time. Can't remember if it ever was enabled. Link to comment Share on other sites More sharing options...
DreadWingKnight Posted August 2, 2010 Report Share Posted August 2, 2010 when I reset net.max_halfopen the value changes to 100!! so I don't thinkg 8 is default.It used to be the default, but someone with some bad information decided to change the default without realizing the implications of doing so. Link to comment Share on other sites More sharing options...
deoshermes Posted August 2, 2010 Author Report Share Posted August 2, 2010 okay,I changed the value to read 8.but still the connection popped and the router resetted itself two times already.I think I should change some values in the router Firewall settings for DoS but I don't know what to change?Any advice? Link to comment Share on other sites More sharing options...
DreadWingKnight Posted August 2, 2010 Report Share Posted August 2, 2010 Turn all the extra firewall and hack detection functions off. The NAT being provided by the router will be enough protection. Link to comment Share on other sites More sharing options...
deoshermes Posted August 2, 2010 Author Report Share Posted August 2, 2010 As i wrote before:even when I turn the firewall off, I still get disconnected etc...That's the part I don't get... How can the router drop the internet connection and restart itself based on incoming connections when its firewall is disabled? It shouldn't be able to detect SYN, UDP floods and Smurf attacks?!I find it also very weird that this problem just started to occur about 6-7 months ago, while I never changed any settings in my old SMC Barricade. Everything worked fine, I could even run more active torrents and downloads than recommended for my internet speed. Then suddenly, out of the blue, I started experiencing SYN floods. Maybe this has to do something with uTorrent, a new version or something. I don't get how it could suddenly have started to occur. Link to comment Share on other sites More sharing options...
Switeck Posted August 3, 2010 Report Share Posted August 3, 2010 uTorrent v2.0 and later uses uTP by default. It also uses Teredo/IPv6 and native IPv6 heavily (if present.) That alone could push marginal routers over the edge and/or may trigger the router's flood protection. Link to comment Share on other sites More sharing options...
deoshermes Posted August 3, 2010 Author Report Share Posted August 3, 2010 okay, so what do you mean to say?Can I disable IPv6 somewhere? I disabled it for my Lan Connection in Windows. Doesn't that mean uTorrent is also unable to use it?And what if I downloaded an older version of uTorrent? Maybe I should try that and see if the problem persists.Btw, I stumled on something else: it may be the router overheating due to the 'many' connections. So I could go for a router with a better heatsink and one that allows more connections, or I could buy a better heatsink and replace the one in my router.Honestely, I don't think it should be the heat. This problem occured spontaneously and I have had my prior router for 4-5 years now and in the first few never experienced this problem. The new router I bought a few months ago immediately started giving me this trouble. Link to comment Share on other sites More sharing options...
Switeck Posted August 3, 2010 Report Share Posted August 3, 2010 uTorrent v2.0.3 and later has an advanced feature to disable IPv6.Did you have Resolve IPs enabled in Peers window/tab? (right-click in that window to check)If that was enabled, every peer/seed that connects to you will have a whois done on it whenever you check the Peers window/tab. Link to comment Share on other sites More sharing options...
deoshermes Posted August 3, 2010 Author Report Share Posted August 3, 2010 Yeah, I tried installing the new version in which IPv6 is disabled by default. I also disabled all the local peer, peer exchange, resolve IP etc, basically everything that influenced bandwith etc.I downgraded to uTorrent 1.7.1 and the router still kept rebooting frequently. Then I decided to also downgrade the firmware from the router to the shipping firmware. This didn't solve anything so I went one version up and the problem disappeared temporary. The router didn't reboot, uTorrent ran 14 torrent (6 leeching, 8 seeding) on full speed and with many connections. I slowly increased the number of global connections and per torrent and still the router didn't reboot. Then I installed the newest version of uTorrent again and the problem came back, so I just downgraded again. I think I had an uninterrupted internet connection for about 5 to 6 hours.Just now, when I started to work from my laptop using a wireless connection, as I opened up a few web pages and MSN the router rebooted again. Maybe this was just a onetime peek that caused the incident. I will keep testing the limits to find out what exactly is causing the reboot.But as for now I can conclude that both downgrading uTorrent and SMC firmware helped. Link to comment Share on other sites More sharing options...
Switeck Posted August 5, 2010 Report Share Posted August 5, 2010 Can that router use DD-WRT or some other 3rd party firmware? Link to comment Share on other sites More sharing options...
deoshermes Posted August 5, 2010 Author Report Share Posted August 5, 2010 I'm not sure. Didn't find examples on the inet so far of people running DD-WRT on SMC thingies.But so far I haven't had problems anymore with my router. It looks like downgrading the SMC firmware and uTorrent worked. Link to comment Share on other sites More sharing options...
r3dligh7 Posted August 26, 2010 Report Share Posted August 26, 2010 I'm not sure. Didn't find examples on the inet so far of people running DD-WRT on SMC thingies.But so far I haven't had problems anymore with my router. It looks like downgrading the SMC firmware and uTorrent worked.hello Deoshermes! I've got the same problem as you had, may I ask you which firmware did you used? Thank you! Link to comment Share on other sites More sharing options...
deoshermes Posted August 28, 2010 Author Report Share Posted August 28, 2010 @r3dligh7I use v0.92 now. v0.90 had the problem that with file sharing software the router would get into a never ending loop, therefor congesting the internet traffic. v0.92 apparently had that fixed, still isn't ideal but works best: if recognizes the loop and simply restarts itself while also reducing the times it gets into the loop in the first time. I also downgraded uTorrent to 1.7.1 because using v2 in correspondence with the downgraded router didnt do it.Now it's only sometimes during the day my router restarts because the settings in my uTorrent client are still pretty high and only causes a restart with many connected peers (200+) + high use of bandwith (80%+).My uTorrent 'Bittorrent settings:global maximum: 250maximum peers per torrent: 40upload slots: 3all additional features disabled.the global max could be set to 150, and peers per torrent to 20-30 for 'better router performance'But right now everything is back to normal, I had the 'router restart problem' from time to time with this router in the past before I apparently upgraded it to v0.97 some time ago. I also had it with my older SMC Barricade router, but that one couldn't do an automatic restart after it landed in a neverending loop and had to be manually reset every time that happened.Hope these downgrades will also solve the problem for you. Link to comment Share on other sites More sharing options...
DreadWingKnight Posted August 28, 2010 Report Share Posted August 28, 2010 Given the severity of the security hole that is patched in 2.0.4, I would highly recommend against using any version prior to it.This is over and above the fact that old versions of uTorrent are unsupported normally. Link to comment Share on other sites More sharing options...
deoshermes Posted August 28, 2010 Author Report Share Posted August 28, 2010 that's true, but if the new version gives me all that trouble I find it better then not to use it at all. uTorrent becomes unusable because it makes the router reboot continuously, it can't even last 5 minutes without rebooting. So something that normally takes 15 minutes to download would then take 3 hours or longer.Having said that; I rather use an older version or I don't use any version at all... Link to comment Share on other sites More sharing options...
DreadWingKnight Posted August 28, 2010 Report Share Posted August 28, 2010 And you have no way to turn off this flood protection?All it seems to be protecting you from is your ability to use the internet. Link to comment Share on other sites More sharing options...
deoshermes Posted August 28, 2010 Author Report Share Posted August 28, 2010 Yes, the flood protection as is the whole firewall in the router is turned off. The flood protection is part of the firewall; even when it's turned off I get SYN, UDP floods etc.uTorrent v2 apparently does something weird while making connections, which congests the traffic after it gets in the never ending loop. This was fixed in the SMC firmware v0.92 but in combination with uTorrent v2 it still reboots regularly which is a pain in the ass while surfing. Link to comment Share on other sites More sharing options...
Switeck Posted August 29, 2010 Report Share Posted August 29, 2010 "uTorrent v2 apparently does something weird while making connections"uTorrent v2 and later makes a *LOT* of UDP packets because uTP uses UDP.The router then detects that as "UDP floods".Disabling uTP, Resolve IPs, IPv6 (in advanced settings), and even both kinds of DHT should drop the amount of UDP packets uTorrent creates to ZERO. (You may still get UDP incoming from peers/seeds though on uTorrent's listening port.) Link to comment Share on other sites More sharing options...
deoshermes Posted August 31, 2010 Author Report Share Posted August 31, 2010 Yeah,Switeck; thanks for the suggestions. I already tried those settings, but it still makes my internet connection unusable. I even changed a couple of more advanced settings, but no luck. The solution I use now is the most stable one so I will stick to it for now. Link to comment Share on other sites More sharing options...
paintball9 Posted August 31, 2010 Report Share Posted August 31, 2010 So is it an actual reboot, or just a large delay in traffic. Eg does uTorrent continue to function when the router 'goes down'. Link to comment Share on other sites More sharing options...
Switeck Posted August 31, 2010 Report Share Posted August 31, 2010 Did you ask the maker/s of the router about these problems? Link to comment Share on other sites More sharing options...
deoshermes Posted September 1, 2010 Author Report Share Posted September 1, 2010 Yes, but they don't provide any help if the product has not been registered with them within 30 days of purchase.I registered the product after 2 months.So much for customer support... Link to comment Share on other sites More sharing options...
Switeck Posted September 1, 2010 Report Share Posted September 1, 2010 And they don't have a message forum to communicate with others that have the same products? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.