NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
what is orbi's tcp session timeout value?
does anybody know orbi's tcp session timeout value? my guesstimate puts it somewhere around 5 or 10 minutes.
tcp timeout is usually measured in hours, udp is in the range of 2 minutes.
I found this in the Orbi settings:
net.netfilter.nf_conntrack_tcp_timeout_established=7440
Which means tcp timeout is around 2 hours.
ive got att uverse internet dsl. i suspect the pace modem does a nat'd dmz mode. it's set for 86400 seconds. i suspect with the two being different is clogging up (dont know the offical term) the pace modem. something like devices connected to the orbi is generating more sessions than the pace modem can handle; which appears to be 8112 sessions. its easier for me to change value in the pace modem to match orbi. incidentally, ive had the pace modem set for 1800 seconds for the last five days or so and no internet service disruptions since. meaning no complaints from wife and kid for five days....ive made the internet great again.
can you dig up the value for udp? might as well set them to matching values.
at 7440 seconds on the isp gateway, tcp sessions doubled to just under 2000 sessions. orbi/debug reports around 600 sessions. i think they should be reporting similar number of sessions. as it times out the orbi, the isp gateway should be timing out shortly after. att uverse pace gateway appears to support 8112 sessions. while the orbi appears to support 65536...ive since changed it 3600 seconds. the number of sessions on the isp gateway continues to drop as time passes, although it is still higher than that reported on the orbi.
i did more googling and it appears one tried and true solution to the double nat is to match tcp session timeout on isp device and router. att uverse dsl gateway by pace allows editing of tcp session timeout, but many do not. netgear please add tcp session timeout field to advanced tab.
other problem is when isp device has ridiculous long tcp session timeout, and the router has short timeout; it can fill up the isp device's nat table (found the proper terminology) or clog up the device. hence the internet service disruption. as stated before, ive reduced tcp session timeout on the isp device and yet to experience internet service disruption.
i should also complain to att for leasing low end equipment supporting only 8112 tcp sessions compared to the 65536 on the orbi. before changing the timeout, it was always around 6000 sessions on the isp device. i guess it didnt take much more to put the hurt on the isp device with everything internet connected in the home.
Shotround wrote:
ive got att uverse internet dsl. i suspect the pace modem does a nat'd dmz mode. .....
Is it possible to "bridge" the pace modem so it will only pass through? What is the model of the modem?
att/pace does not offer that selection. just dmzplus which is still nat. att uverse devices pull multiple duty. i have internet only but the device also processes phone (internet phone?) should i ever get a land line again.