On Tue, Sep 30, 2008 at 07:05:12AM +0200, Marcus Herou wrote:
> Hi.
>
> Increased the buckets to 250 000 and conntrack_max to 1000 0000.
>
> About the time_wait do you mean setting the net.ipv4.tcp_fin_timeout value ?
> I have it set to 30 sec.
No, I meant this one :
net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 120
and in fact these ones should be reduced too (30s is fine for all of them) :
net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv = 60 net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 120
Willy Received on 2008/09/30 07:08
This archive was generated by hypermail 2.2.0 : 2008/09/30 07:18 CEST