Number of connections


onetti

Hello,

I'm trying to refine my client settings to get it closer to the actual hardware capabilities I have.

One of the things is number of connections.

I would like to confirm, based upon some of the boot log entries below, that my modem is capable of only 32 simultaneous connections:

Sep 8 08:02:32 user warn kernel: PID hash table entries: 32 (order 5: 256 bytes)

Sep 8 08:02:32 user warn kernel: Dentry cache hash table entries: 2048 (order: 1, 8192 bytes)

Sep 8 08:02:32 user warn kernel: Inode-cache hash table entries: 1024 (order: 0, 4096 bytes)

Sep 8 08:02:32 user warn kernel: ip_tables: © 2000-2002 Netfilter core team

Sep 8 08:02:32 user warn kernel: ip_conntrack version 2.1 (61 buckets, 0 max) - 376 bytes per conntrack

Sep 8 08:02:32 user warn kernel: ip_conntrack_pptp version 2.1 loaded

Sep 8 08:02:32 user crit kernel: ADSL G.994 training

Sep 8 08:02:32 user warn kernel: ip_nat_pptp version 2.0 loaded

Sep 8 08:02:32 user warn kernel: BRCM NAT Caching v1.0 Nov 20 2007 10:22:27

Sep 8 08:02:32 user warn kernel: BRCM NAT Cache: Hooking hit function @ c0096088

Sep 8 08:02:32 user crit kernel: ADSL G.992 started

This is a subset I've chosen from all the boot display entries. If you feel you miss some others to answer my question, please let me know and I'll show them.

Link to comment

Assuming that, yes, my maximum number of simultaneous connections is 32, then my next questions would be:

1) Should I reset net.max_halfopen to 32?

2) Should I reset Preferences/Bandwidth/Global Maximum Number of Connections to 32?

3) Should I leave all other settings as they are, or should I re-arrange them to fit that limit? What criteria should I apply in order to re-arrange the other settings?

What I mean with this last item is whether it is worth running the client under a given settings profile that was initially driven by a maximum upload speed value that seems to assume that a certain minimum of simultaneous connections will be allowed. In other words, should I keep driving my choice of correct settings only by my max upload speed, or should I also drive it by max number of connections? If this is the case, then, according to the conservative settings chart, I would have to switch from my current 448 kbit/s to the 96 kbit/s entry. Is this correct?

My current settings follow below:

CONNECTION - 1Mb/260 Kb DSL connection monitored by RouterStats which showed no evidence of physical issues during those two weeks (normal noise and attenuation values)

NETWORK -

Modem – Dlink 500B – Port-forwarding to laptop

Router – Dlink DI524 – Wireless capability turned off, only used to connect laptop and desktop to modem, both on Ethernet; DHCP and NAT disabled

Laptop – Vista SP2 – where uTorrent runs 24x7

Desktop – XP – Rarely turned on

CLIENT SETUP

uTorrent Version 2.0.4 build 21586

Network Status bar light – Green

Port Checker - Green

Connection – UPnP, NAT-PMP off, Add Windows Firewall exception on

Bandwidth –

Max Upload – 40KB/s

Max Download – 60

Apply both rate limits on

Number of connections –

Global max number – 100

Peers/torrent - 40

Slots/torrent – 4

Additional slots on

Bittorrent – All checked except "Limit local peer bandwidth"

Queue –

Max active – 3

Max Active Downloads – 2

Seeding tasks get higher priority – On

Scheduler – on

Advanced

Bt.transp-disposition – 31

Net.max-halfopen – 100

Link to comment

Lower net.max_halfopen and bt.transp_disposition both to only 1.

Disable DHT (both kinds), LPD, Resolve IPs, and even Teredo/IPv6.

Global connection max probably shouldn't be higher than 30 and connections per torrent needs to be at least slightly less than that if you do more than 1 torrent at once.

Link to comment

First of all, I would like to stress that I wasn't under a troubleshooting condition.

I was getting flat download and upload lines up to the limits I've set, most of the time.

The only thing that I observed was that usually when there was more than one active torrent uploading, only one would get most of the speed, the others remaining at very low speeds - only rarely they would get fairly distributed parts of the upload band.

I didn't exactly understand the reasons for the changes you suggested - but I did them and what I got was a radical drop in performance: the torrents took longer to get some speed, and it never rose close to my max speed limits. So, after some five minutes I started undoing the changes.

I started from restoring bt.transp_disposition back to 31, and apparently that change was enough to bring my client back to its original "good" performance.

The other changes you've suggested are still in place - except the Teredo one, I couldn't find the place to set it, where is it?

So far so good, and apparently they've succeeded in leveling the way band is distributed among active torrents, but I've been running this last configuration for only some 10 minutes, so I couldn't say for sure if it is just a coincidence or not.

Could you better explain the reasons that underlie each one of the changes you've suggested? I would appreciate that.

EDIT: (I especially didn't understand why net.max_halfopen should be such a low number as "1", and not 32, for example, considering my router capacity of 32 simultaneous connections)

Link to comment

BIG mistake on my part, sorry!

bt.transp_disposition should not be changed to 1. :P

OOPS!

I should have put bt.connect_speed there. bt.connect_speed = how fast to attempt new peer/seed connections outgoing, per second. Even 4 per second could add up to many 1000's attempted in an hour.

bt.transp_disposition should not be changed from default -- change that indirectly instead via checking/unchecking bandwidth management in Pref, BitTorrent window.

If your modem really can't handle more than ~32 connections at once, you have to limit everything such that in TOTAL they don't exceed that amount.

DHT, Local Peer Discovery, and Resolve IPs all make additional connections that could randomly exceed (in total) your ~32 limit.

Global max connections and max connections per torrent should be self-explanatory -- but do note that incoming connections may briefly cause uTorrent to exceed those limits.

net.max_halfopen is how many NEW outgoing TCP connection attempts to be making at once.

This doesn't count incoming connection attempts, existing already-fully-connected peers/seeds, or uTP connection attempts.

Teredo is part of Windows, not a part of uTorrent. It must be disabled in Windows...which isn't easy to do and varies from windows version-to-version. :(

Link to comment

No problem.

Meanwhile, trying to go a little bit further on that, I came to the ip_conntrack_max constant that is also supposed to establish the limit of simultaneous connections in the modem.

In my case, this constant shows 1000.

But it was also said that this alone isn't enough to conclude anything about the actual limit of simultaneous connections, and that one should also take the hash size and a bunch of time-limits into consideration, so I found it better to give up trying to understand it, and stop dreaming about seeing things where probably there aren't, and I'm willing to accept that basically my modem is a little piece of s...., and, since everything was more or less working before I initiated this post, I decided to get back to those initial configurations, as stated in my first message.

This rollback was done a couple of days ago, and by looking at modem log, I can't see any evidence that it is reaching that limit - provided that the modem would log it, which I think and hope it does.

My next step on this point would be acquiring new network hardware in a more selective way.

Thanks for your help anyway.

Link to comment

The modem's flaw is probably in storing disconnected ip information in that 1000 limit and not gracefully dropping them from its tables when NEW connections are added.

It's easy to count to 1000 in an hour, which is probably how LONG TCP/UDP timeouts are set to deep in the modem's firmware. So even if there's a "trickle-rate" of new connections, 1000+ are reached before the old disconnected ip information is forgotten. Were it possible to lower TCP/UDP timeouts to 1-5 minutes each, you'd probably see fewer problems.

Link to comment

I see what you mean, the longer a connection remains active, the shorter the tables overflow.

By lowering the TCP/UDP timeouts, you mean one or more of the values below, don't you?

/proc/sys/net/ipv4/netfilter/ip_conntrack_generic_timeout 600

/proc/sys/net/ipv4/netfilter/ip_conntrack_icmp_timeout 4

/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_close 10

/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_close 10

/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_close_wait 60

/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established 432000

/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_syn_sent 120

/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_syn_recv 60

/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_fin_wait 120

/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_time_wait 120

/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_last_ack 30

/proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout 30

/proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout_stream 180

I took them from my router thru a telnet session, but I don't quite understand them, are they in seconds, minutes, hours?

Do they look reasonable according to your suggestion?

Am I missing any other variable that should be taken into account too?

Link to comment

Those look reasonable, but I think you may have 1 detail backwards...

"I see what you mean, the longer a connection remains active, the shorter the tables overflow."

Makes it sound like the tables overflow quicker from long-lived connections. But it's the reverse that's true -- unstable peers/seeds that are constantly disconnecting and reconnecting to you are MORE likely to flood out the table.

Link to comment

"But it's the reverse that's true"

Oops... ok then, I think.

I wonder if I could plot that connection behaviour along the time by using Wireshark, where I'd have a display filter UDP or TCP, and then I'd use the Statistics IO graph with Y axis unit being Packets/Tick. Would packets/tick correspond to tcp/udp connections?

If so, I could use this tool to monitor the changes both in the modem setup and in uTorrent.

Link to comment
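
Added example, not part of the original thread: the table occupancy discussed above can be tallied from the modem's own connection-tracking table instead of inferred from packet counts. It assumes the firmware exposes `/proc/net/ip_conntrack` over the same telnet session used for the timeout values; the sample lines are constructed, and the "live" versus "lingering" split is a heuristic of this example.

```python
from collections import Counter

TABLE_MAX = 1000  # ip_conntrack_max value reported in the thread

# Constructed sample in /proc/net/ip_conntrack format (documentation addresses,
# not captured from any device). Third column = seconds until the entry expires.
SAMPLE = """\
tcp      6 431990 ESTABLISHED src=192.168.1.2 dst=198.51.100.7 sport=51000 dport=6881 src=198.51.100.7 dst=203.0.113.5 sport=6881 dport=51000 [ASSURED] use=1
tcp      6 110 SYN_SENT src=192.168.1.2 dst=198.51.100.8 sport=51001 dport=6881 [UNREPLIED] src=198.51.100.8 dst=203.0.113.5 sport=6881 dport=51001 use=1
tcp      6 95 TIME_WAIT src=192.168.1.2 dst=198.51.100.9 sport=51002 dport=6881 src=198.51.100.9 dst=203.0.113.5 sport=6881 dport=51002 [ASSURED] use=1
udp      17 25 src=192.168.1.2 dst=198.51.100.10 sport=51413 dport=6881 [UNREPLIED] src=198.51.100.10 dst=203.0.113.5 sport=6881 dport=51413 use=1
udp      17 170 src=192.168.1.2 dst=198.51.100.11 sport=51413 dport=6881 src=198.51.100.11 dst=203.0.113.5 sport=6881 dport=51413 [ASSURED] use=1
"""

def parse_conntrack(text):
    """Return one dict per tracked flow: protocol, seconds left, state label."""
    entries = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 4 or not f[2].isdigit():
            continue  # skip blank or truncated lines
        proto, ttl = f[0], int(f[2])
        if proto == "tcp":
            state = f[3]              # TCP lines carry the state name
        elif "[ASSURED]" in f:
            state = "ASSURED"         # traffic seen in both directions
        elif "[UNREPLIED]" in f:
            state = "UNREPLIED"       # no answer seen yet
        else:
            state = "REPLIED"
        entries.append({"proto": proto, "ttl": ttl, "state": state})
    return entries

def summarize(entries, table_max=TABLE_MAX):
    """Count slots in use, split into live flows and entries waiting to expire."""
    by_state = Counter(f"{e['proto']}/{e['state']}" for e in entries)
    live = sum(1 for e in entries if e["state"] in ("ESTABLISHED", "ASSURED"))
    total = len(entries)
    return {"total": total, "live": live, "lingering": total - live,
            "by_state": dict(by_state), "free_slots": table_max - total,
            "longest_ttl": max((e["ttl"] for e in entries), default=0)}

if __name__ == "__main__":
    report = summarize(parse_conntrack(SAMPLE))
    for key, value in report.items():
        print(f"{key:12} {value}")
```

Saving the table to a file at intervals and feeding each snapshot to `summarize` gives the connection count over time that a packets-per-tick graph cannot.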

...so, we reach, again, the poor-quality routing software / hardware issue, and Wireshark wouldn't allow me to precisely track the connections being made.

Which leads me into another direction, that is, how to bypass my poor routing software (currently on top of my dlink modem), and still profit from sharing my internet connection between two pc's.

Some further research showed me the possibility of implementing a better routing software into one pc and use the modem solely as it is, just a modem.

In my case, since I don't have for now an extra low power-consumption pc, I'm thinking of using VmWare to create a virtual linux box on my 24x7 laptop (the one where utorrent lies), and to install on it Pfsense - which is, I believe, a much better firewall and router software - and have the other dlink device, the wireless router, stand just as a hub to get all network devices connected.

Obviously I don't intend with this to suddenly increase the number of simultaneous connections, since I'm ultimately throttled both by a slow upload speed and by my ISP. But, at least, I would be running on a more reliable routing application, thus eliminating - or, at least, reducing - possible dlink routing issues, and, at the same time, getting a much deeper insight into what's going on in my network - I think one of pfsense status windows shows exactly what I wanted to know, that is, the current and past number of simultaneous connections, and which I believe is the one that stands as "Firewall States" or something like this.

What do you think?

Link to comment

Putting the modem-router into bridged mode could make it even more unreliable, if it works at all. :(

Try testing it, it should be easily possible to set back if it blocks internet access.

/proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout 30

/proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout_stream 180

I'm pretty sure those are in seconds.

See if your router has SPI - Stateful Packet Inspection (also called its "firewall"). If so, disable that, as inspecting EVERY packet when uTorrent is active is probably very hard on it. That alone may alleviate or solve your problems.

Link to comment

Well, for now, everything seems to be going fine. I did some changes in the values you initially suggested, and I'm getting flat download and upload graph lines stretched to the upper limits I've set up, and this for some 3 or 4 days.

(See my current settings at bottom)

As for my idea of adding a virtual Linux box to provide a much better routing application, I found out that I don't meet the minimum requirements: virtualization applications such as VMWare or Virtual PC require a 64-bit version of Vista, which I don't have. Besides, running a firewall on a virtualized linux box seems not to be a safe solution (certainly from the corporate standpoint, but, who knows...)

Anyway, I'm very excited in going into this direction as soon as I get an old PC, onto which I would then add Pfsense or Monowall. I believe that this would eliminate any possibility of poor routing software failures, and at the same time, I would be profiting from a higher ability to manage and customize the routing routine settings.

I understand that this won't be the silver bullet, that it will suddenly allow me to multiply the number of simultaneous connections, but, at least, it will be a much more manageable and transparent solution.

I would appreciate hearing your opinion on this solution, and also to better understand what you meant by "Putting the modem-router into bridged mode could make it even more unreliable, if it works at all."

Here are my current settings:

(please, take note that I've changed the shining-shitty dlink for an old broken-case speedstream, that has more than 10 years of continuous operation, under total careless circumstances, but still seems to work fine, which is amazing)

CONNECTION - 1Mb/300 Kb DSL connection monitored by RouterStats

NETWORK -

Modem – Siemens Speedstream 5200 – Port-forwarding to laptop; firewall off

Router – Dlink DI524 – Wireless capability turned off, only used to connect laptop and desktop to modem, both on Ethernet; DHCP and NAT disabled

Laptop – Vista SP2 – where uTorrent runs 24x7; Comodo Firewall; Avira anti-virus

Desktop – XP – Rarely turned on

CLIENT SETUP

uTorrent Version 2.0.4 build 22150

Network Status bar light – Green

Port Checker - Green

Connection – UPnP, NAT-PMP, Randomize port off, Add Windows Firewall exception on, Proxy Server none

Bandwidth –

Max Upload – 31 KB/s; Alternate upload rate 40

Max Download – 50

Apply both rate limits on

Number of connections –

Global max number – 80

Peers/torrent - 35

Slots/torrent – 3

Additional slots on

Bittorrent – All checked except "Limit local peer bandwidth"; Protocol Encryption and legacy connections Enabled

Queue –

Max active – 3

Max Active Downloads – 2

Seeding tasks get higher priority – On

Scheduler – on

Advanced

bt.connect_speed - 3

net.max-halfopen – 8

all the rest at default settings

Link to comment

Archived

This topic is now archived and is closed to further replies.
