diff options
| author | Christian Breunig <christian@breunig.cc> | 2025-06-07 09:15:30 +0200 |
|---|---|---|
| committer | Christian Breunig <christian@breunig.cc> | 2025-06-07 10:55:24 +0200 |
| commit | 08421b277b1f460ebc51673571bab975aece2215 (patch) | |
| tree | 2b209eee82a39c007b20d44b4aed9121315266e8 /src/migration-scripts/reverse-proxy | |
| parent | b3ebf8f81afc0c4ceddd11c28421971b7b44fe69 (diff) | |
| download | vyos-1x-08421b277b1f460ebc51673571bab975aece2215.tar.gz vyos-1x-08421b277b1f460ebc51673571bab975aece2215.zip | |
conntrack: T7208: nf_conntrack_buckets defaults and behavior
Previously, we used a lower limit of 1 and a default value of 32768 for the
nf_conntrack_buckets (conntrack hash-size) sysctl option. However, the Linux
kernel enforces an internal minimum of 1024. A configuration migrator will now
adjust the lower limit to 1024 if necessary.
The former default value of 32768 was passed as a kernel module option, which
only took effect after the second system reboot. This was due to the option being
rendered but not applied during the first boot. This behavior has been changed so
that the value is now configurable at runtime and takes effect immediately.
Additionally, since VyOS 1.4 increased the hardware requirements to 4GB of RAM,
we now align the default value of nf_conntrack_buckets with the kernel's
default for systems with more than 1GB of RAM to 65536 entries. Previously, we
only supported half that amount.
Diffstat (limited to 'src/migration-scripts/reverse-proxy')
0 files changed, 0 insertions, 0 deletions