OpenWrt Forum Archive

Topic: trying to set max connections (ip_conntrac_max)

The content of this topic has been archived on 16 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hi.

This is just another one of these stupid newbie(:)) questions (sorry for that!!):

As I previously used DD-WRT I am used to be able to set up the number of maximum connections (ip_conntrack_max).
I was looking for that in openWRT and found it in /proc/sys/net/ipv4/.
In the forum I found the command "echo 4096 > /proc/sys/net/ipv4/ip_conntrack_max". Looks clear and simple: "it writes "4096" to ip_conntrack_max" was my first assumption.
But when I vi it, there is nothing written inside.
What does this "echo >"do exactly?
And what is this "ip_conntrack_max"?? Is it a file? A symlink (can't rm it)? Or anything else?

And the most important: what is the default number of max connections in open WRT?
DO I have to set this ip_conntrack_max for better performance (in DD-WRT '4096' is the best and most stable)?

try using cat to check the contents of the file

echo is a command to print whatever is passed to it as an argument to stdout, > redirects that output into a file, in this case it's a file on the /proc filesystem which is your window into the user readable and writable kernel values.

Netzfetz wrote:

But when I vi it, there is nothing written inside.
What does this "echo >"do exactly?
And what is this "ip_conntrack_max"?? Is it a file? A symlink (can't rm it)? Or anything else?

The /proc hierarchy contains special files. They may be read only or write only or read and write. You cannot seek in it, it may explain why vi cannot read it.

Netzfetz wrote:

And the most important: what is the default number of max connections in open WRT?
DO I have to set this ip_conntrack_max for better performance (in DD-WRT '4096' is the best and most stable)?

AFAIK, the default depends on the quantity of RAM. You have to increase ip_conntrack_max only if you get messages that say that the conntrack table is full. You can get the current size by using "

wc -l /proc/net/ip_conntrack

A much easier way todo this, would be in using the /etc/sysctl.conf file. This was tested on the WhiteRussian RC2 release.

Add the following line to /etc/sysctl.conf:

net.ipv4.netfilter.ip_conntrack_max=4096

Than execute:

root@OpenWrt:~# sysctl -p && reboot

To check if the value is set correctly do:

root@OpenWrt:~# sysctl net.ipv4.netfilter.ip_conntrack_max

or

root@OpenWrt:~# cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
Netzfetz wrote:

And the most important: what is the default number of max connections in open WRT?

Doing a

cat /proc/sys/net/ipv4/ip_conntrack_max

after reboot should show you the default value.

GREAT!! That was all I was looking for! Thank you!
Works perfekt.

Interesting: the default value on my WRT is 5953. Pretty cool...

Hi

i am trying to increase max connection also. But i dont get openwrt to get higher than 5953. Even if i give 8192 to ip_conntrack_max in sysctl.conf the max amount falls back to 5953 according to 'sysctl net.ipv4.netfilter.ip_conntrack_max' and 'cat /proc/sys/net/ipv4/ip_conntrack_max' . I really have to get the max connections higher than this. Some suggestions?

Btw. the funny thing is that if i set the ip_conntrack_max below 5953 and above something like 12000 internet connections to my local network freezes. I am using white russian rc3 and i dont know if this is a bug or some other situation.

Thanks alot

greetings
Bjunix

Edit:

Ok i solved the situation. I also had to set the net.ipv4.ip_conntrack_max variable.
here's my sysctl.conf

...
net.ipv4.netfilter.ip_conntrack_max=11906
net.ipv4.ip_conntrack_max=11906

(Last edited by bjunix on 16 Sep 2005, 23:48)

The discussion might have continued from here.