
RE: (FWD) Re: ISP Cutoff



In my experience, problems with connections dying after a while are due to
crappy NAT routers.  I have had this problem with a Lucent DSL NAT
router/modem and a D-Link WiFi router.  The problem seems to be with
excessively small NAT connection tracking tables, and then when the tables
get full, the routers are either unable to purge old connections before they
time out or do a lousy job of doing so (i.e. they purge important
connections).

My advice would be to set up a Linux or OpenBSD box as a router.  (I run TOR on
my Linux router.)  Either that, or get a hardware router that runs Linux, such
as the Linksys WRT54G(S).  Then set the number of tracked connections to a
very large number, such as:

    echo "32768" > /proc/sys/net/ipv4/ip_conntrack_max

See: http://www.netfilter.org/documentation/FAQ/netfilter-faq-3.html#ss3.3

I assume that something similar can be done on *BSD.

Google for info on messing with the WRT54G (you probably want to use a
custom firmware of some sort that has SSH).


On Fri, Jun 17, 2005 at 02:34:16PM -0400, Pat Frank wrote:
> Hey all.  I've been having some problems with my ISP disconnecting me every
> few minutes while running a Tor server.  Here's some technical information:

Are you sure it isn't just a stability problem with your router? People
are quick to assume that everybody is out to censor them, when often
nobody is paying attention at all. :)

(The rate limiting option will help with instability problems too.)

--Roger
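
The connection-tracking advice in the reply at the top of this message, as an added example that is not part of the original thread: a check of how full the conntrack table is before and after raising the limit. The function names and the 80% warning threshold are assumptions; the nf_conntrack_* paths are where current kernels expose the values, and the ip_conntrack_max path is the one quoted in the message.

```shell
#!/bin/sh
# Added example: report NAT connection-tracking table utilization.

# conntrack_status COUNT MAX [WARN_PCT]
# Prints "ok N%", "warn N%" or "full N%"; returns 2 on bad input.
conntrack_status() {
    for v in "$1" "$2"; do
        case "$v" in ''|*[!0-9]*) echo "invalid"; return 2 ;; esac
    done
    [ "$2" -gt 0 ] || { echo "invalid"; return 2; }
    warn_pct=${3:-80}                 # assumed threshold, not from the thread
    pct=$(( $1 * 100 / $2 ))
    if [ "$1" -ge "$2" ]; then
        echo "full ${pct}%"           # new connections are being dropped
    elif [ "$pct" -ge "$warn_pct" ]; then
        echo "warn ${pct}%"           # raise the limit before it fills
    else
        echo "ok ${pct}%"
    fi
}

# Print the contents of the first readable file among the arguments.
read_first() {
    for f in "$@"; do
        [ -r "$f" ] && { cat "$f"; return 0; }
    done
    return 1
}

# Read live values from /proc; safe to run when conntrack is not loaded.
check_live() {
    max=$(read_first /proc/sys/net/netfilter/nf_conntrack_max \
                     /proc/sys/net/ipv4/ip_conntrack_max) \
        || { echo "conntrack limit not exposed on this host"; return 0; }
    count=$(read_first /proc/sys/net/netfilter/nf_conntrack_count) \
        || { echo "limit is $max, current count not exposed"; return 0; }
    echo "tracked connections: $count of $max"
    conntrack_status "$count" "$max"
}

check_live
```

A Tor server holds many simultaneous connections, so a "warn" or "full" result on the router points at the table size rather than the ISP.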