onetti Posted September 9, 2010 Report Share Posted September 9, 2010 Hello,I'm trying to refine my client settings to get it closer to the actual hardware capabilities I have.One of the things is number of connections.I would like to confirm, based upon some of the boot log entries below, that my modem is capable of only 32 simultaneously connections:Sep 8 08:02:32 user warn kernel: PID hash table entries: 32 (order 5: 256 bytes) Sep 8 08:02:32 user warn kernel: Dentry cache hash table entries: 2048 (order: 1, 8192 bytes) Sep 8 08:02:32 user warn kernel: Inode-cache hash table entries: 1024 (order: 0, 4096 bytes) Sep 8 08:02:32 user warn kernel: ip_tables: © 2000-2002 Netfilter core team Sep 8 08:02:32 user warn kernel: ip_conntrack version 2.1 (61 buckets, 0 max) - 376 bytes per conntrack Sep 8 08:02:32 user warn kernel: ip_conntrack_pptp version 2.1 loaded Sep 8 08:02:32 user crit kernel: ADSL G.994 training Sep 8 08:02:32 user warn kernel: ip_nat_pptp version 2.0 loaded Sep 8 08:02:32 user warn kernel: BRCM NAT Caching v1.0 Nov 20 2007 10:22:27 Sep 8 08:02:32 user warn kernel: BRCM NAT Cache: Hooking hit function @ c0096088 Sep 8 08:02:32 user crit kernel: ADSL G.992 started This is a subset I've chosen from all the boot display entries. If you feel you miss some others to answer my question, please let me know and I'll show them. Link to comment Share on other sites More sharing options...
onetti Posted September 10, 2010 Author Report Share Posted September 10, 2010 Assuming that, yes, my maximum number of simultaneous connections is 32, then my next questions would be:1) Should I reset net.max_halfopen to 32?2) Should I reset Preferences/Bandwidth/Global Maximum Number of Connections to 32?3) Should I leave all other settings as they are, or should I re-arrange them to fit that limit? What criteria should I apply in order to re-arrange the other settings? What I mean with this last item is that if is it worth running the client under a given settings profile that was initially driven by a maximum upload speed value that seems to assume that a certain minimum of simultaneous connections will be allowed. In other words, should I keep driving my choice of correct settings only by my max upload speed, or should I also drive it by max number of connections? If this is the case, then, according to conservative settings chart, I would have to switch from my current 448 kbit/s to the 96 kbit/s entry. Is this correct?My current settings follow below:CONNECTION - 1Mb/260 Kb DSL connection monitored by RouterStatsNETWORK - Modem – Dlink 500B – Port-forwarding to laptopRouter – Dlink DI524 – Wireless capability turned off, only used to connect laptop and desktop to modem, both on Ethernet; DHCP and NAT disabledLaptop – Vista SP2 – where uTorrent runs 24x7Desktop – XP – Rarely turned onCONNECTION - 1Mb/260 Kb DSL connection monitored by RouterStats which showed no evidence of physical issues during those two weeks (normal noise and attenuation values)NETWORK - Modem – Dlink 500B – Port-forwarding to laptopRouter – Dlink DI524 – Wireless capability turned off, only used to connect laptop and desktop to modem, both on Ethernet; DHCP and NAT disabledLaptop – Vista SP2 – where uTorrent runs 24x7Desktop – XP – Rarely turned onCLIENT SETUPuTorrent Version 2.0.4 build 21586Network Status bar light – GreenPort Checker - GreenConnection – UpnP, NAT-PMP off, Add Windows Firewall exception onBandwidth – Max Upload – 40KB/s Max Download – 60 Apply both rate limits on Number of connections – Global max number – 100 Peers/torrent - 40 Slots/torrent – 4 Aditional slots onBittorrent – All checked except "Limit local peer bandwidth"Queue – Max active – 3 Max Active Downloads – 2 Seeding tasks get higher priority – OnScheduller – onAdvanced Bt.transp-disposition – 31 Net.max-halfopen – 100 Link to comment Share on other sites More sharing options...
Switeck Posted September 10, 2010 Report Share Posted September 10, 2010 Lower net.max_halfopen and bt.transp_disposition both to only 1.Disable DHT (both kinds), LPD, Resolve IPs, and even Teredo/IPv6.Global connection max probably shouldn't be higher than 30 and connections per torrent needs to be at least slightly less than that if you do more than 1 torrent at once. Link to comment Share on other sites More sharing options...
onetti Posted September 11, 2010 Author Report Share Posted September 11, 2010 First of all, I would like to stress that I wasn't under a troubleshooting condition.I was getting flat download and upload lines up to the limits I've set, most of the times.The only thing that I observed was that usually when there was more than one active torrent uploading, only one would get most of the speed, the others remaining at very low speeds - only rarely they would get fairly distributed parts of the upload band.I didn't exactly understood the reasons for the changes you suggested - but I did them and what I've got was a radical drop of performance, the torrents took longer to get some speed, and it never raised closer to my speed max limits. So, after some five minutes I started undoing the changes.I started from restoring bt.transp_disposition back to 31, and apparently that change was enough to bring my client back to its original "good" performance.The other changes you've suggested are still in place - except the Teredo one, I couldn't find the place to set it, where it is?So far so good, and apparently they've succeeded in level the way band is distributed among active torrents, but I'm running this last configuration only for some 10 minutes, so I couldn't say for sure if it is just a cohincidence or not.Could you better explain the reasons that underlie each one of the changes you've suggested? I would appreciate that. EDIT: (i Specially didn't understand why net.max_halfopen should be such a lower number as "1", and not 32, for example, considering my router capacity of 32 simultaneous connections) Link to comment Share on other sites More sharing options...
Switeck Posted September 12, 2010 Report Share Posted September 12, 2010 BIG mistake on my part, sorry!bt.transp_disposition should not be changed to 1. OOPS!I should have put bt.connect_speed there. bt.connect_speed = how fast to attempt new peer/seed connections outgoing, per second. Even 4 per second could add up to many 1000's attempted in an hour.bt.transp_disposition should not be changed from default -- change that indirectly instead via checking/unchecking bandwidth management in Pref, BitTorrent window.If your modem really can't handle more than ~32 connections at once, you have to limit everything such that in TOTAL they don't exceed that amount.DHT, Local Peer Discovery, and Resolve IPs all make additional connections that could randomly exceed (in total) your ~32 limit.Global max connections and max connections per torrent should be self-explanatory -- but do note that incoming connections may briefly cause uTorrent to exceed those limits.net.max_halfopen is how many NEW outgoing TCP connection attempts to be making at once.This doesn't count incoming connection attempts, existing already-fully-connected peers/seeds, or uTP connection attempts.Teredo is part of Windows, not a part of uTorrent. It must be disabled in Windows...which isn't easy to do and varies from windows version-to-version. Link to comment Share on other sites More sharing options...
onetti Posted September 16, 2010 Author Report Share Posted September 16, 2010 No problem.Meanwhile, trying to go a little bit further on that, I came to the ip_conntrack_max constant that is also supposed to establish the limit of simultaneous connections in the modem.In my case, this constant shows 1000.But it was also said that this alone isn't enough to conclude anything about the actual limit of simultaneous connections, and that one should also take the hash size and a bunch of time-limits into consideration, so I found it better to give up trying to understand it, and stop dreaming about seeing things where probably there aren't, and I'm willing to accept that basically my modem is a little piece of s...., and, since everything was more a less working before I initiated this post, I decided to get back to those initial configurations, as stated in my first message.This rollback was done a couple of days ago, and by looking at modem log, I can't see any evidence that it is reaching that limit - provided that the modem would log it, which I think and hope it does.My next step on this point would be aquiring new network hardware in a more selective way.Thanks for your help anyway. Link to comment Share on other sites More sharing options...
Switeck Posted September 16, 2010 Report Share Posted September 16, 2010 The modem's flaw is probably in storing disconnected ip information in that 1000 limit and not gracefully dropping them from its tables when NEW connections are added.It's easy to count to 1000 in an hour, which is probably how LONG TCP/UDP timeouts are set to deep in the modem's firmware. So even if there's a "trickle-rate" of new connections, 1000+ are reached before the old disconnected ip information is forgotten. Were it possible to lower TCP/UDP timeouts to 1-5 minutes each, you'd probably see fewer problems. Link to comment Share on other sites More sharing options...
onetti Posted September 16, 2010 Author Report Share Posted September 16, 2010 I see what you mean, the longer a connection remains active, the shorter the tables overflow.By lowering the TCP/UDP timeouts, you mean one or more of the values below, don't you?/proc/sys/net/ipv4/netfilter/ip_conntrack_generic_timeout 600/proc/sys/net/ipv4/netfilter/ip_conntrack_icmp_timeout 4/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_close 10/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_close 10/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_close_wait 60/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established 432000/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_syn_sent 120/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_syn_recv 60/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_fin_wait 120/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_time_wait 120/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_last_ack 30/proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout 30/proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout_stream 180I took them from my router thru a telnet session, but I don't quite understand them, are they in seconds, minutes, hours? Do they look reasonable according to your suggestion? Am I miss any other variable that should be taken in account too? Link to comment Share on other sites More sharing options...
Switeck Posted September 17, 2010 Report Share Posted September 17, 2010 Those look reasonable, but I think you may have 1 detail backwards..."I see what you mean, the longer a connection remains active, the shorter the tables overflow."Makes it sound like the tables overflow quicker from long-lived connections. But it's the reverse that's true -- unstable peers/seeds that are constantly disconnecting and reconnecting to you are MORE likely to flood out the table. Link to comment Share on other sites More sharing options...
onetti Posted September 19, 2010 Author Report Share Posted September 19, 2010 "But it's the reverse that's true"Oops... ok then, I think.I wonder if I could plot that connection behaviour along the time by using Wireshark, where I'd have a display filter UDP or TCP, and then I'd use the Statistics IO graph with Y axis unit being Packets/Tick. Would packets/tick correspond to tcp/udp connections?If so, I could use this tool to monitor the changes either in the modem setup as well as in utorrent Link to comment Share on other sites More sharing options...
Switeck Posted September 20, 2010 Report Share Posted September 20, 2010 Packets per tick of what?A connection can send more than a single packet....But some forms of networking treat *EACH* UDP packet as though it's a separate connection -- poor-quality software firewalls and routers are often flooded because of this. Link to comment Share on other sites More sharing options...
onetti Posted September 22, 2010 Author Report Share Posted September 22, 2010 ...so, we reach, again, the poor-quality routing software / hardware issue, and Wireshark wouldn't allow me to precisely track the connections been made.Which leads me into another direction, that is, how to bypass my poor routing software (currently on top of my dlink modem), and still profit from sharing my internet connection between two pc's.Some further research show me the possibility of implementing a better routing software into one pc and use the modem solely as it is, just a modem.In my case, since I don't have for now an extra low power-consumption pc, I'm thinking of using VmWare to create a virtual linux box on my 24x7 laptop(the one where utorrent lies), and to install on it Pfsense - which is, I believe, a much better firewall and router software - and have the other dlink device, the wireless router, stand just as a hub to get all network devices connected.Obviously I don't intend with this to suddenly increase the number of simultaneous connections, since I'm ultimately throttled either by a slow upload speed and by my ISP. But, at least, I would be running on a more reliable routing application, thus eliminating - or, at least, reducing - possible dlink routing issues, and, at the same time, getting a much deeper inside of what's going on my networking - I think one of pfsense status windows shows exactly what I wanted to know, that is, the current and past number of simultaneous connections, and which I believe is the one that stands as "Firewall States" or something like this.What do you think? Link to comment Share on other sites More sharing options...
Switeck Posted September 22, 2010 Report Share Posted September 22, 2010 Putting the modem-router into bridged mode could make it even more unreliable, if it works at all. Try testing it, it should be easily possible to set back if it blocks internet access./proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout 30/proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout_stream 180I'm pretty sure those are in seconds.See if your router has SPI - Stateful Packet Inspection (also called its "firewall"). If so, disable that, as inspecting EVERY packet when uTorrent is active is probably very hard on it. That alone may alleviate or solve your problems. Link to comment Share on other sites More sharing options...
onetti Posted September 27, 2010 Author Report Share Posted September 27, 2010 Well, for now, everything seems to be going fine. I did some changes in the values you initially suggested, and I'm getting flat download and upload graph lines stretched to the upper limits I've set up, and this for some 3 or 4 days.(See my current settings at bottom)As for my idea of adding a virtual Linux box to provide a much better routing application, I found out that I don't meet the minimum requirements: virtualization applications such as VMWare or Virtual PC require a 64-bit version of Vista, which I don't have. Besides, running a firewall on a virtualized linux box seems not to be a safe solution (certainly from the corporate standpoint, but, who knows...)Anyway, I'm very excited in going into this direction as soon as I get an old PC, onto which I would then add Pfsense or Monowall. I believe that this would eliminate any possibility of poor routing software failures, and at the same time, I would be profiting from a higher ability to manage and customize the routing routine settings.I understand that this won't be the silver bullet, that it will suddenly allow me to multiply the number of simultaneous connections, but, at least, it will be a much more manageable and transparent solution.I would appreciate hearing your opinion on this solution, and also to better understand what did you mean by "Putting the modem-router into bridged mode could make it even more unreliable, if it works at all."Here are my current settings:(please, take note that I've changed the shinning-shitty dlink for an old broken-case speedstream, that has more than 10 years of continuous operation, under total careless circunstances, but still seems to work fine, which is amazing)CONNECTION - 1Mb/300 Kb DSL connection monitored by RouterStatsNETWORK - Modem – Siemens Speedstream 5200 – Port-forwarding to laptop; firewall offRouter – Dlink DI524 – Wireless capability turned off, only used to connect laptop and desktop to modem, both on Ethernet; DHCP and NAT disabledLaptop – Vista SP2 – where uTorrent runs 24x7; Comodo Firewall; Avira anti-virusDesktop – XP – Rarely turned onCLIENT SETUPuTorrent Version 2.0.4 build 22150Network Status bar light – GreenPort Checker - GreenConnection – UpnP, NAT-PMP, Randomize port off, Add Windows Firewall exception on, Proxy Server noneBandwidth – Max Upload – 31 KB/s; Alternate upload rate 40 Max Download – 50 Apply both rate limits on Number of connections – Global max number – 80 Peers/torrent - 35 Slots/torrent – 3 Aditional slots onBittorrent – All checked except "Limit local peer bandwidth"; Protocol Encryption and legacy connections EnabledQueue – Max active – 3 Max Active Downloads – 2 Seeding tasks get higher priority – OnScheduller – onAdvanced bt.connect_speed - 3 net.max-halfopen – 8 all the rest at default settings Link to comment Share on other sites More sharing options...
Switeck Posted September 28, 2010 Report Share Posted September 28, 2010 "I've changed the shinning-shitty dlink for an old broken-case speedstream"I haven't been a fan of D-Link routers and modems just based on bad news I hear about them both here and at dsl reports. Link to comment Share on other sites More sharing options...
dmat@zar.co.za Posted September 29, 2010 Report Share Posted September 29, 2010 it worked like bomb..utorrent2.0.2 (25602 entries)how do i only connect to local torrents\peers in my country, using the filter in utorrent. like ip address that range within\ start with eg. 41-xxx-xxx-xxx.dsl.mweb.co.za Link to comment Share on other sites More sharing options...
moogly Posted September 29, 2010 Report Share Posted September 29, 2010 You can't filter by country. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.