At pek times, I have around 1,500 users connected and passing through my MT router. Some of these users have networks, so the actual number of PCs may be higher than 1,500.

With other routers I have used (linux based) I have had trouble with connection tracking enabled in that the conntracks table filling up.

I don't know how many table entries the MT router can have, it would depend on ram I imagine. But there HAS to be some limit. As I don't need connection tracking (I'm not using NAT, and my filtering is simple port blocking, not stateful), is there any concerns I should have if I disable connection tracking in my MT? WIll I be breaking/disabling anything important? What features of the MT will no longer work if I disable connection tracking (other than what I mentioned above)?

Thanks!
-Alan

I've always not been 100% clear on this either. From what I know the following is dependant on connection tracking:

ip helpers
mangling
nat

If you are not using the above you should be able to turn conn-track off. You will not need any rules allowing established and related any longer either.

Sam