Netfilters/ TCP-UDP configurations

Mr.FlowTastiX
DD-WRT User


Joined: 11 Aug 2017
Posts: 126

Posted: Wed Nov 29, 2017 7:35    Post subject: Netfilters/ TCP-UDP configurations
I've finally found how to manage these, netfilter and conntrack together with DD-WRT.
To make use of max load you should set the router to 1048576,
but in the past I've been trying to configure this but with the wrong tcp_rmem and tcp_wmem.
Now I'm actually on point on how to issue this,
and make it work with all the commands you want to configure.
First off you should go to SETUP > NETWORKING
and change the main interface bridge br0 PRIO
to whatever you want your conntrack_max to be...
Else this won't work. I'm using 1048576,
because most games use this for max rate...
Once you've got that on there,
you could, but it's not a must, it doesn't really make any difference, but
on Administration you could change the Maximum Ports to either
4096 - 8192 or even 16384 - 32768 ...
For UDP Timeout 60 and 60 for TCP, to get faster responses.

Anyway, if you're using the correct Startup script now, with conntrack_max init
same as on your interface PRIO, this should work perfectly.
How to set up your TCP_WMEM and TCP_RMEM:
you could use a few of them, it all depends on your PRIO/CONNTRACK_MAX

I'VE MADE 3 EXAMPLES OF WHAT WORKS FOR 1048576
1) First is default (low) values
2) Second is Balanced (medium) values
3) Third is Highest (max) values
So for example your RMEM/WMEM should be:

1) DEFAULT(LOW):
echo 262144 > /proc/sys/net/core/rmem_max
echo 262144 > /proc/sys/net/core/wmem_max
echo "4096 16384 262144" > /proc/sys/net/ipv4/tcp_wmem
echo "4096 87380 262144" > /proc/sys/net/ipv4/tcp_rmem
echo 1000 > /proc/sys/net/core/netdev_max_backlog
echo 8192 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max
BE SURE TO CHANGE NETWORKING INTERFACE (br0)PRIO
to 8192 for this to work


2) BALANCED(MEDIUM):
echo 16777216 > /proc/sys/net/core/rmem_max
echo 16777216 > /proc/sys/net/core/wmem_max
echo "4096 65536 16777216" > /proc/sys/net/ipv4/tcp_wmem
echo "4096 87380 16777216" > /proc/sys/net/ipv4/tcp_rmem
echo 2048 > /proc/sys/net/core/netdev_max_backlog
echo 1048576 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max
BE SURE TO CHANGE NETWORKING INTERFACE (br0)PRIO
to 1048576 for this to work.


3) HIGHEST(MAX):
echo 1048576 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max
echo 4096 > /proc/sys/net/core/netdev_max_backlog
echo "524288 2097152 33554432" > /proc/sys/net/ipv4/tcp_rmem
echo "524288 2097152 33554432" > /proc/sys/net/ipv4/tcp_wmem
echo 33554432 > /proc/sys/net/core/rmem_max
echo 33554432 > /proc/sys/net/core/wmem_max
BE SURE TO CHANGE NETWORKING INTERFACE (br0)PRIO
to 1048576 for this to work.


It's all about personal preference; you feel a slight difference when using MAX and LOW.
I personally think the MAX one is like too much you're getting for gaming.

This is the startup script I'm using:
Quote:
sleep 10
echo 9999999 > /proc/sys/fs/file-max
echo 9999999 > /proc/sys/fs/nr_open
echo 1048576 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max
echo 16777216 > /proc/sys/net/core/rmem_max
echo 16777216 > /proc/sys/net/core/wmem_max
echo "8192 873800 8388608" > /proc/sys/net/ipv4/tcp_rmem
echo "4096 655360 8388608" > /proc/sys/net/ipv4/tcp_wmem
echo "8388608 8388608 8388608" > /proc/sys/net/ipv4/tcp_mem
echo 1 > /proc/sys/net/ipv4/tcp_window_scaling
echo 0 > /proc/sys/net/ipv4/tcp_adv_win_scale
echo 3240000 > /proc/sys/net/ipv4/tcp_max_syn_backlog
echo 6000000 > /proc/sys/net/ipv4/tcp_max_tw_buckets
echo 3240000 > /proc/sys/net/core/somaxconn
echo 4096 > /proc/sys/net/core/netdev_max_backlog
echo 16384 > /proc/sys/net/core/netdev_max_backlog
echo 1 65535 > /proc/sys/net/ipv4/ip_local_port_range
echo 7 > /proc/sys/net/ipv4/tcp_fin_timeout
echo 30 > /proc/sys/net/ipv4/tcp_keepalive_time
echo 1 > /proc/sys/net/ipv4/tcp_no_metrics_save
echo 2 > /proc/sys/net/ipv4/tcp_syn_retries
echo 1 > /proc/sys/net/ipv4/tcp_tw_recycle
echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse
echo 1 > /proc/sys/net/ipv4/tcp_sack
echo 0 > /proc/sys/net/ipv4/tcp_slow_start_after_idle
echo 65536 > /proc/sys/vm/min_free_kbytes
echo performance > /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor
echo performance > /sys/devices/system/cpu/cpu1/cpufreq/scaling_governor
echo 2 > /proc/sys/vm/overcommit_memory
echo 0 > /proc/sys/net/ipv4/conf/default/accept_source_route
ifconfig eth0 txqueuelen 2
ifconfig eth1 txqueuelen 2
sysctl -w net.ipv4.tcp_congestion_control=htcp


Be sure to make full load from your CPUFREQ:
echo performance > /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor
echo performance > /sys/devices/system/cpu/cpu1/cpufreq/scaling_governor


These are important as well; if not configured correctly,
you will have latency issues when gaming:

echo 1 > /proc/sys/net/ipv4/tcp_window_scaling
echo 0 > /proc/sys/net/ipv4/tcp_adv_win_scale


And don't forget to use the same value for your interface PRIO on br0
the same as you are using for your conntrack_max.


I also tried doubling these values but I guess that would be too much,
and kind of giving me more latency:

echo 2097152 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max
echo 2048 > /proc/sys/net/core/netdev_max_backlog
echo "1048576 4194304 67108864" > /proc/sys/net/ipv4/tcp_rmem
echo "1048576 6291456 67108864" > /proc/sys/net/ipv4/tcp_wmem
echo 67108864 > /proc/sys/net/core/rmem_max
echo 67108864 > /proc/sys/net/core/wmem_max
SO DONT USE THESE!!

Now go try it yourself and feel the difference.
If you are an online gamer on XBOX or PC,
you would definitely feel a slightly better connection,
and no more lag spikes or frame drops.
Much Smoother Gaming!!!


PS: As for members/admins on DD-WRT, don't come rushing at me
saying these don't work for you; then I'm sorry to hear that,
then you must have overlooked something or not configured it well.
I've found this from loads of resources and experimenting for myself
to try and find the correct calculation, and find the MAX and the MIN
values, so this is what I've ended up with, and it works much better for me!!
At first I was having 35-40ms latency in games and I was still producing
bufferbloat, and sometimes lag spikes under heavy loads.
After using these commands and adjustments,
I'm now having 21-28ms latency and much improvement for UP/DOWN.
I'm not talking about SPEED or more up/down... because that's not possible,
you can only regulate these, so you have a straight line with no up/down jitters
on your connection; a good source is DLSREPORTS.COM to find out.
I am using QoS as well with some configurations on the interfaces and MAC addresses
and port priorities, but this is not a guide for that; there are already good guides out there
to set this up correctly.
I also want to add I'm not using uPnP, I manually configure my port forwarding
for what I need for my devices.
For security settings, I'm filtering Multitasking and ARP Spoofing prot,
WiFi 5.0GHz is on 160 (80+80)..
After brainstorming for a long time I've finally found a setting that works best for my ethernet connection.
Maybe this would do for some people as well, mostly if you're a competitive gamer,
and like your things to run smoothly.

My router used: Netgear R7800 DD-WRT
DD-WRT v3.0-r33770M kongat (11/15/17)
Kernel Version: Linux 3.18.81-rc1 #225 SMP PREEMPT Wed Nov 15 16:49:58 CET 2017
And using a PPPoE connection behind Modem/Router with single NAT,
connected on the WAN port from my router to LAN on modem.
SUBNET USED 172.16.0.0/24


I also want to mention I've found a better way to get IPV6
if your ISP supports it and the modem is forwarding.
Instead of the burst of IPV6 you get when using the regular command for DHCP6c
you need to go to SERVICES >
ENABLE > Add Requestor MAC to DNS Query.
And on IPV6 Tabled, Prefix DHCPv6 Delegation
ENABLE > Dhcp6s

I think this would be all I would like to add to this topic!!
Hope I helped out some users having trouble finding these settings.
Enjoy Gaming!!

_________________
Router Model: Netgear R7800
Firmware: DD-WRT v3.0-r33645M kongat (11/02/17)
Modem: Bbox v3
ISP: Skynet 60/15 Mbps
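
Added example, not part of the original post: a startup script made of `echo VALUE > /proc/...` lines gives no feedback when a write is rejected or the path does not exist on the running kernel, so this POSIX sh sketch reads every value back and reports OK, MISMATCH or MISSING. The function names and the `AUDIT_ROOT` variable are hypothetical; `SAMPLE` is a subset of the startup script quoted above.

```shell
#!/bin/sh
# Added example (not from the thread): read back the values a startup script
# tried to write, because a failed "echo > /proc/..." at boot is silent.

# Subset of the startup script quoted in the post above (lines unchanged).
SAMPLE='sleep 10
echo "8192 873800 8388608" > /proc/sys/net/ipv4/tcp_rmem
echo 3240000 > /proc/sys/net/core/somaxconn
echo 4096 > /proc/sys/net/core/netdev_max_backlog
echo 16384 > /proc/sys/net/core/netdev_max_backlog
echo 1 > /proc/sys/net/ipv4/tcp_tw_recycle'

# Print "PATH<TAB>VALUE" for every "echo VALUE > PATH" line on stdin.
# A path written twice is reported once, with the last value (last write wins).
parse_script() {
    awk '/^echo / {
        i = index($0, ">"); if (!i) next
        val = substr($0, 6, i - 6); path = substr($0, i + 1)
        sub(/^[ "]+/, "", val); sub(/[ "]+$/, "", val)
        sub(/^ +/, "", path);   sub(/ +$/, "", path)
        if (!(path in v)) order[++n] = path
        v[path] = val
    }
    END { for (k = 1; k <= n; k++) print order[k] "\t" v[order[k]] }'
}

# audit ROOT < script: compare each wanted value with what ROOT/PATH holds.
# ROOT is empty on a live router; a directory prefix allows offline testing.
audit() {
    root=$1
    parse_script | while IFS="$(printf '\t')" read -r path want; do
        if [ ! -e "$root$path" ]; then
            echo "MISSING $path"          # knob not present on this kernel
            continue
        fi
        got=$(awk '{ $1 = $1; print }' "$root$path")  # tabs -> single spaces
        if [ "$got" = "$want" ]; then
            echo "OK $path"
        else
            echo "MISMATCH $path want=[$want] got=[$got]"
        fi
    done
}

# Stand-alone run: audits the live /proc unless AUDIT_ROOT points elsewhere.
printf '%s\n' "$SAMPLE" | audit "${AUDIT_ROOT:-}"
```

To audit a full script, pipe the saved startup commands into `audit ""` on the router after boot; only reads are performed.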
choppyc
DD-WRT Novice


Joined: 31 Mar 2018
Posts: 4

Posted: Thu May 17, 2018 12:30
SETUP > NETWORKING
and change the main interface bridge br0 PRIO
to whatever you want your conntrack_max to be...
Else this won't work. I'm using 1048576,

My max is 61440, how can you change this as it’s a drop down box?
Thanks
Mr.FlowTastiX
DD-WRT User


Joined: 11 Aug 2017
Posts: 126

Posted: Thu May 17, 2018 18:48
choppyc wrote:
SETUP > NETWORKING
and change the main interface bridge br0 PRIO
to whatever you want your conntrack_max to be...
Else this won't work. I'm using 1048576,

My max is 61440, how can you change this as it’s a drop down box?
Thanks


Hi dude, this is a really old post, but normally if you use the startup script as posted you could max this out; you maybe have to copy and paste 1048576. This way you can have more digits than 65378... and have the same values in your startup script and admin page, but I'm not sure it's still working, maybe they updated it. I don't really use my router any more, sold it for like 100€ custom made. I'm not into dd-wrt'ing anymore, sadly enough; I had a great time on it. Cool that some people are still trying to figure these configs out. I spent loads of time in the telnet SSH page trying to find what it all does and why and how to configure it. I spent long nights trying to figure out some of the commands, but never really felt like it was correctly managed, not even from the DD-WRT side of view. I've had a few nights I really got deep into it, benchmarking and testing the connection, trying to get the max and most stable connection for my network. I've had great days, especially in gaming, when I got like the smoothest connection of all on the server - I was like ahead of them in time, in the meaning of reaction and receiving netload. You have to work on your port forwarding and PnP, trying to figure that out. Make sure the ports are open on your device as well and which ones you should use. Never use DMZ. Try to find some topics on the forum; I've got a few on here relating to this issue, but users and admins are not really into these commands and see them as bollocks, but for me it helped a lot. I hope you find your way through the DD-WRT Tunnel and find better solutions than I did. Let me know if you do or if you have any questions, maybe use a screenshot, that way my memory can pop up better :)

Have fun lad
Happy DD-Wrting!

_________________
Router Model: Netgear R7800
Firmware: DD-WRT v3.0-r33645M kongat (11/02/17)
Modem: Bbox v3
ISP: Skynet 60/15 Mbps