On Sat, Jul 19, 2003 at 09:10:40PM -0300, Carlos Carvalho wrote:
> Martin Josefsson (gandalf@xxxxxxxxxxxxxx) wrote on 18 July 2003 23:28:
> >> If I echo 102400 > /proc/sys/net/ipv4/ip_conntrack_max, what is my worst
> >> case memory usage?
> >
> >Don't do this. This will increase the maximum number of connections it
> >will track, but not the number of buckets. Which means that it will be
> >slower due to longer collision-chains. Instead increase the number of
> >buckets. modprobe ip_conntrack hashsize=131072 (or any number here.
>
> How can we increase the number of buckets with a monolithic kernel?
For 2.4: by altering the default in the kernel source, sorry.
For 2.5/2.6: there is now a generic way of specifying module parameters
from the boot command line.
--
- Harald Welte <laforge@xxxxxxxxxxxxx> http://www.netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
pgpYqLz1usO2Z.pgp
Description: PGP signature
|