[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: How many keep state ?
From:       rmkml <rmkml () wanadoo ! fr>
Date:       2003-02-24 19:11:10
[Download RAW message or body]

of course Jim,

but which limit state in ipfilter ?
65K ?
more ?
and How much memory ?
(like 3 000 000 over Lucent Brick, is possible on ipfilter over solaris/*bsd ?)

Regards.


Jim Sandoz wrote:

> re: solaris table size tweaking...
>
> http://home.earthlink.net/~jaymzh666/ipf/IPFsolaris.html#10
>
> ps
> if you want to provide for a very large number of states,
> take the following steps:
> 1) re-evaluate why you are keeping state; perhaps you
>     don't need to in some cases.
> 2) install sufficent RAM.
> 3) increase the state table sizes from the defaults.
> 4) decrease the idle connection timeouts from the defaults.
> 5) modify any associated operating system parameters.
>
> jim
>
> rmkml wrote:
>
> >>        But you will need to modify the NAT/TABLE sizes in IPFilter
> >>source and tune the kernel to increase the amount of memory that the kernel
> >>can malloc.
> >>
> >>        The above is for FreeBSD. *BSD are generally the same I suppose.
> >
> >
> > and solaris ?
> >
> >

[prev in list] [next in list] [prev in thread] [next in thread]