On Tue, 4 Dec 2007, Corin Langosch wrote:
> hi marc,
>
> yes, netfilter with conntrack is running. I saw errors some weeks ago, but i
> fixed them with:
>
> echo "Tuning network settings according to haproxy..."
> echo 1048576 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max
Never do that! Instead, increase the hashsize and {ip,nf}_conntrack_max is going to be calculated automatically based on this value. If you have a recent 2.6 kernel with conntrack compiled into the kernel all you need to setup is a "ip_conntrack.hashsize=262144" kernel parameter.
BTW: which kernel version are you you using?
Best regards,
Krzysztof Olędzki
PS: Plase don't toppost. Received on 2007/12/04 21:47
This archive was generated by hypermail 2.2.0 : 2007/12/04 22:30 CET