Krzysztof Oledzki schrieb:
>
>
> On Tue, 4 Dec 2007, Corin Langosch wrote:
>
>> hi marc,
>>
>> yes, netfilter with conntrack is running. I saw errors some weeks
>> ago, but i fixed them with:
>>
>> echo "Tuning network settings according to haproxy..."
>> echo 1048576 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max
>
> Never do that! Instead, increase the hashsize and
> {ip,nf}_conntrack_max is going to be calculated automatically based on
> this value. If you have a recent 2.6 kernel with conntrack compiled
> into the kernel all you need to setup is a
> "ip_conntrack.hashsize=262144" kernel parameter.
>
> BTW: which kernel version are you you using?
>
> Best regards,
>
> Krzysztof Olędzki
>
> PS: Plase don't toppost.
thank's for the advice, I now do it with
echo 262144 > /sys/module/nf_conntrack/parameters/hashsize
i used to use the standard debian kernel 2.6.22-2-vserver-amd64, but now i upgraded to 2.6.22-3-vserver-amd64 because of your advice.
i'll keep you updated if anything helped :)
regards,
corin
Received on 2007/12/05 09:13
This archive was generated by hypermail 2.2.0 : 2007/12/05 09:15 CET