I need to increase the UDP timeout for VoIP sessions. I believe the default timeout is 60 seconds. I tried the command via SSH
sysctl -w net.netfilter.nf_conntrack_udp_timeout=240
but I don't think it worked. Is there a way to change the UDP timeout value in LuCI, or do you need to use a CLI? Also, how do I see what the timeout value is?
You probably want nf_conntrack_udp_timeout_stream which is for when more than a packet has gone both ways. The default is 180 (seconds).
The default for nf_conntrack_udp_timeout is for when waiting on the first response from the other end. The connection tracking is cleared if the other side hasn’t replied in that time. Default is 30 (seconds).
To see the current value just pass the key name to sysctl.
sysctl net.netfilter.nf_conntrack_udp_timeout
sysctl net.netfilter.nf_conntrack_udp_timeout_stream
You can take these timeouts as a reference: https://github.com/openwrt/openwrt/pull/17334/files
sysctl -e -w net.netfilter.nf_conntrack_udp_timeout=600 \
net.netfilter.nf_conntrack_udp_timeout_stream=60 \
net.netfilter.nf_flowtable_udp_timeout=600 | tee -a /etc/sysctl.conf
flowtable (offload) timeout is significant for slow routers running at 100% of CPU as few packets get re-ordered every that many seconds and you hear that as chirps in the sound. Indifferent for adequately sized routers.
stream timeout is for one-way streams like tv multicast, or dns, ntp waiting for reply.
Thank you DBAA and brada4. I guess my initial command worked, because when I checked the value using
sysctl net.netfilter.nf_conntrack_udp_timeout
the value showed 240. I also did the command for the stream, but brada4 says it is for one-way streams, which wouldn’t apply to VoIP. Is it needed for VoIP?
_stream is excessive by default, it is time to wait for 1st reply packet, probably if you set it to 1s your dns and quic starts glitching, otherwise keep it as low as practical . 10min is derived from libtorrent, quic has 5min at its heaviest.