PPRuNe Forums - View Single Post - Laptop Creating Too Many Sessions on Router
Thread: Laptop Creating Too Many Sessions on Router
View Single Post
Old 23rd Nov 2014, 08:01
  #5 (permalink)  
jimjim1
 
Join Date: Oct 2007
Location: Here
Posts: 963
Received 3 Likes on 2 Posts
Turn off the firewall on the router.
Not really helpful, as the OP explicitly stated that he requires port forwarding for a couple of applications.
I thought it was quite a helpful idea.

In the case of Cisco routers, with which I am most familiar having build thousands of configuration files for them, the NAT and firewall functions are completely independent. On cisco you can do NAT (port forwarding) 'til the cows come home without even having firewall capable software installed.

Further perusal of the manual[1] for this router though suggests that my idea of turning off the firewall will not help. I think I have found the Sessions per user parameter and it is part of the NAT setup. "Max NAT/Firewall Session Per User".

I has not previously looked there since I was looking for firewall stuff.

Turning off the firewall is apparently entirely possible in this router while still having NAT but it is pointless in this particular case.

The manual[1] by the way seems very decent for this type of device (350 pages - with words and pictures.

You could increase the sessions per user further in the hope that the timeout (for there surely is one) will kill them off before the device fills itself up. Just turn this up a lot. I have never configured such a limit and it seems unnecessary to me. If you turned off the firewall (that old chestnut again;-) it might well take the router longer to run out of memory since the storage required for each session will very likely be smaller.

The big question of course is, why is the PC generating so many sessions? I am not running any internet servers, only web browsing at present, and I see 50 - 100 TCP sessions on Resource Monitor. The firewall of course has to manage UDP 'sessions' too. These can only ever be released by a timeout since they don't really exist as such. A firewall (and a NATter too) has though to 'imagine' virtual UDP sessions if it is to do it's job.

I wonder if the PC is running any bit torrent software?

If it was my PC I would be very keen to identify the process(es) that was creating these sessions to eliminate the possibility of malicious code of some sort.

[1] http://www.zyxel.co.uk/upload/doc/P6...er%20Guide.pdf
jimjim1 is offline  
Reply