-rw-r--r-- | etc/modprobe.d/vyatta_nf_conntrack.conf | 2 | ||||
-rwxr-xr-x | scripts/check-params-on-reboot.d/conntrack-hash-size | 2 | ||||
-rw-r--r-- | templates-cfg/system/conntrack/hash-size/node.def | 2 | ||||
-rw-r--r-- | templates-cfg/system/conntrack/node.def | 12 | ||||
-rw-r--r-- | templates-cfg/system/conntrack/table-size/node.def | 2 |
5 files changed, 10 insertions, 10 deletions
diff --git a/etc/modprobe.d/vyatta_nf_conntrack.conf b/etc/modprobe.d/vyatta_nf_conntrack.conf
index b907431..c685d1c 100644
--- a/etc/modprobe.d/vyatta_nf_conntrack.conf
+++ b/etc/modprobe.d/vyatta_nf_conntrack.conf
@@ -18,4 +18,4 @@
 # Description: Sets hash size for connection tracking table
 # As of 2.6.33: "expect_hashsize" is readonly
-options nf_conntrack hashsize=4096
+options nf_conntrack hashsize=32768
diff --git a/scripts/check-params-on-reboot.d/conntrack-hash-size b/scripts/check-params-on-reboot.d/conntrack-hash-size
index 19524d7..c3d7c41 100755
--- a/scripts/check-params-on-reboot.d/conntrack-hash-size
+++ b/scripts/check-params-on-reboot.d/conntrack-hash-size
@@ -22,7 +22,7 @@ else
 fi
 if [ -z "$cthash_cfg" ]; then
- cthash_cfg=4096 # default hashsize value that Vyatta ships
+ cthash_cfg=32768 # default hashsize value that Vyatta ships
 fi
 if ! grep -q "nf_conntrack hashsize=$cthash_cfg$" \
diff --git a/templates-cfg/system/conntrack/hash-size/node.def b/templates-cfg/system/conntrack/hash-size/node.def
index 242d0fe..b70d407 100644
--- a/templates-cfg/system/conntrack/hash-size/node.def
+++ b/templates-cfg/system/conntrack/hash-size/node.def
@@ -1,7 +1,7 @@
 help: Hash size for connection tracking table
 type: u32
-default: 4096
+default: 32768
 val_help: u32:1-50000000; Size of hash to use for connection tracking table
diff --git a/templates-cfg/system/conntrack/node.def b/templates-cfg/system/conntrack/node.def
index 211c963..0e93b52 100644
--- a/templates-cfg/system/conntrack/node.def
+++ b/templates-cfg/system/conntrack/node.def
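Review bot: The fallback `cthash_cfg=32768` in scripts/check-params-on-reboot.d/conntrack-hash-size is one of several hard-coded copies of the same default. The `options nf_conntrack hashsize=32768` line in the modprobe file, `default: 32768` in hash-size/node.def, and the grep, echo and message literals in the delete block of conntrack/node.def all have to agree with it. If a later change misses one copy, the grep in this script would compare the modprobe file against a different number than the templates write, which presumably leads to a wrong decision at reboot. A comment on the fallback would make the coupling visible, for example `# must match default in templates-cfg/system/conntrack/hash-size/node.def and etc/modprobe.d/vyatta_nf_conntrack.conf`. The surrounding if/else and the grep command continue outside the hunk.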
@@ -2,20 +2,20 @@ help: Connection tracking engine options
 priority: 218 # before NAT and conntrack-sync are configured
-delete: # set conntrack table size to standard 16384 entries if conntrack settings are removed
- sudo sysctl -q -w net/nf_conntrack_max=16384
+delete: # set conntrack table size to standard 262144 entries if conntrack settings are removed
+ sudo sysctl -q -w net/nf_conntrack_max=262144
 # set conntrack expect table size to standard 2048 entries if conntrack settings are removed
 sudo sysctl -q -w net/netfilter/nf_conntrack_expect_max=2048
- # set conntrack hash size to standard 4096
- if ! grep -q "nf_conntrack hashsize=4096$" /etc/modprobe.d/vyatta_nf_conntrack.conf
+ # set conntrack hash size to standard 32768
+ if ! grep -q "nf_conntrack hashsize=32768$" /etc/modprobe.d/vyatta_nf_conntrack.conf
 then
 sudo sh -c "sed -i -e '/options nf_conntrack hashsize/d' \
 /etc/modprobe.d/vyatta_nf_conntrack.conf"
- sudo sh -c "echo options nf_conntrack hashsize=4096 >> \
+ sudo sh -c "echo options nf_conntrack hashsize=32768 >> \
 /etc/modprobe.d/vyatta_nf_conntrack.conf"
- echo "Conntrack hash size set to default 4096. This change will take effect when the system is rebooted."
+ echo "Conntrack hash size set to default 32768. This change will take effect when the system is rebooted."
 fi
 # need to restart conntrackd with updated conntrack table size
diff --git a/templates-cfg/system/conntrack/table-size/node.def b/templates-cfg/system/conntrack/table-size/node.def
index 6b1decf..6fceb44 100644
--- a/templates-cfg/system/conntrack/table-size/node.def
+++ b/templates-cfg/system/conntrack/table-size/node.def
@@ -18,7 +18,7 @@ type: u32
 help: Size of connection tracking table
-default: 16384
+default: 262144
 val_help: u32:1-50000000; Number of entries allowed in connection tracking table |
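Review bot: In the delete block of templates-cfg/system/conntrack/node.def, `net/nf_conntrack_max` is raised to 262144 immediately, while the hash size of 32768 is only written to the modprobe file and, per the echoed message, takes effect after a reboot. Until then the running module keeps whatever bucket count it was loaded with, so a table that fills toward the new limit would have longer hash chains and a higher per-packet lookup cost, which is most visible under a connection flood. A comment above the sysctl call would record this, for example `# nf_conntrack_max applies now; hashsize only after reboot, so buckets may be undersized until then`. As far as the hunk shows, the two `sudo sysctl -q -w` calls also run without a check of their exit status, so a failed write would pass silently. The delete block continues past the end of the hunk.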
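Review bot: The new `default: 262144` in templates-cfg/system/conntrack/table-size/node.def is sixteen times the old table size, and neither the `help:` line nor `val_help` mentions that every tracked connection occupies kernel memory. A larger table delays the point at which new connections are dropped because the table is full, but it also raises the amount of memory a flood of connections can pin, which matters on small-memory platforms. Consider extending the help text, for example `help: Size of connection tracking table (each entry uses kernel memory)`, and noting the expected worst-case footprint in the commit description. The node definition starts above the hunk.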