TCP/IP settings Time Outs, what exactly are they for?

[Vexira]

Im quite curious about what these time out values affect and if they have any influence on internal lan based, remote desktop connections or voip ata devices?

 

[Vexira]

I'm also wondering is there any negative effects form lowering the value below 30.

 

[Xrsenal]

I'm also wondering is there any negative effects form lowering the value below 30.

No really good data on this. Wish someone could test for games and things like that

 

[dave14305]

They relate to conntrack kernel settings.

# ls /proc/sys/net/ipv4/netfilter/ip_conntrack_*timeout*
/proc/sys/net/ipv4/netfilter/ip_conntrack_generic_timeout
/proc/sys/net/ipv4/netfilter/ip_conntrack_icmp_timeout
/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_close
/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_close_wait
/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established
/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_fin_wait
/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_last_ack
/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_max_retrans
/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_syn_recv
/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_syn_sent
/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_syn_sent2
/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_time_wait
/proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout
/proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout_stream

I don’t know what problem was meant to be solved back when this was implemented (maybe conntrack table overflows?). I’ve never modified them. I imagine they would influence how long connections appear in netstat, for example.

 

[RMerlin]

I don’t know what problem was meant to be solved back when this was implemented (maybe conntrack table overflows?). I’ve never modified them. I imagine they would influence how long connections appear in netstat, for example.

Back in the day, I remember some VoIP services required people to tweak their UDP timeouts. These days however you very rarely ever need to tweak these. The Linux kernel defaults have been tweaked over the years, and routers have much more free RAM to handle more simultaneous tracked connections than back in the WRT54G days.

I've even considered eventually removing these settings from the webui, since people not understanding how these work are more likely to break things than do any good.

Understanding these require understanding how the Linux kernel and conntrack work. It's not something that can be summed in a few paragraphs.

 

[heysoundude]

Resurrecting an old thread (after checking even older ones out) because they're still accessible in the firmware-
I've been having some difficulties making streams from an IPTV provider on my HTPC run as smoothly at traditional cable. The port has been forwarded/opened, but now I'm seeing that timeouts are a thing - from what I can garner skimming over the man page for conntrack, it's a duration specified to keep things that are normally closed open, and how soon/quickly to close them after data stops flowing through them. neat. a nice feature.
Checking my table, everything seems to be at default except for UDP...which may be the issue. they're significantly below defaults on mine, and I have no recollection of ever stumbling into these before. I'm going to a a zero to the digits in those boxes and see what happens (they're still 1/3 of what the defaults are that way...) I'll dig into the differences between assured and unreplied tomorrow with fresh eyes and brain...