The cheapie routers like dlink, netgear, linksys, etc only have 2-4mb of ram in them, of which only a few kb is used for the connection tracking table. In mikrotik you can see the conntrack table can handle a few thousand or tens of thousands of connections, yet in these off the shelf routers they can handle maybe 200-400 connections in their table before they fill up. If the tcp connections don't get closed properly, they stay open and take up slots in the conntrack table, so when I say lock up, I mean you cant get new connections to open. This is why when people run p2p on their cheapie router they notice problems with other connections - the router can't track all the connections. And then they 'power cycle' their router to get it back online again (clearing the table). The asus routers now market using 'high p2p connections' because they have more ram in them and have a larger conntrack table.
Will elaborate more on the established / related piece in a bit, got a few more installs to do today and gotta get out of here : )
OK, that all makes sense to me. Maybe indeed some issues reported to us are of the nature you prescribe. I always looked into my own network to see if things could be improved/solved and I must say I already limit the amount of connections a user can make in my main gateway.
I have a /24 network I own (well, I pay for the use of it, but the network is mine to use, no share) and now the nat takes place in this main gateway.
So here always nat will take place and since 99% of domestic routers have the limitation you show (memory) and I mentioned (no nat bypass or disable) I am wondering how others are doing this.
Or is there a way we can directy pass the public IP to the clients domestic router? This way avoiding the nat in my main gateway?
I am anxious to see with what you come up.
I always have had this itch that my network should be different set-up in the authentication and routing ect. But so far they it works, it works fine and like you, always a full agenda.....
Show your appreciation of this post by giving me Karma! Thanks.
Rudy R. Puister
WISP operator based on MT routerboard & ROS.