[ previous ] [ next ] [ threads ]
 
 From:  "Chris Buechler" <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] M0n0wall performance question
 Date:  Sun, 4 Mar 2007 16:18:03 -0500
On 3/4/07, Jukka Ruotsalainen <jukka dot ruotsalainen at cs dot helsinki dot fi> wrote:
>
> How the amount of sessions is setup?

hard coded at compile time. You have to recompile the kernel to raise
the limit.


> Is it same as sysctl -w kern.ipc.somaxconn=32768 ?
>

No.



> I use now
>
> sysctl -w kern.ipc.somaxconn=32768
>
> and set kern.ipc.nmbclusters=32768
>

I believe these aren't actually going to help anything. I believe they
only affect traffic initiated by the firewall, or destined to daemons
listening on the firewall, which would be next to nothing. I know the
FAQ says otherwise (I wrote that FAQ quite a while ago, it needs to be
revised once I have a chance to figure out for sure what the effect of
those is in a firewall environment).

-Chris