On Thu, 19 Jul 2007, Konstantin Svist wrote:
as I said, the current (and default) value is 65536
what would you suggest changing it to?
I have it set to 256000 on my low traffic boxes and 1024000 on my high traffic
boxes.
David Lang
Thomas Jacob wrote:
I'l looking at nf-HiPAC right now - will probably try it some time soon.
Beyond that, I'm out of ideas for the moment.
nf-HiPAC won't help there if you just have 25 rules
( => http://people.netfilter.org/kadlec/nftest.pdf ), the problem is
very likely down to you using the default parameters for the conntrack hash
table,
just like the other reply indicated.
