|
||||||||||
Chris Buechler wrote: > On 3/4/07, Jukka Ruotsalainen <jukka dot ruotsalainen at cs dot helsinki dot fi> wrote: >> >> How the amount of sessions is setup? > > hard coded at compile time. You have to recompile the kernel to raise > the limit. > > >> Is it same as sysctl -w kern.ipc.somaxconn=32768 ? >> > > No. > > > >> I use now >> >> sysctl -w kern.ipc.somaxconn=32768 >> >> and set kern.ipc.nmbclusters=32768 >> > > I believe these aren't actually going to help anything. I believe they > only affect traffic initiated by the firewall, or destined to daemons > listening on the firewall, which would be next to nothing. I know the > FAQ says otherwise (I wrote that FAQ quite a while ago, it needs to be > revised once I have a chance to figure out for sure what the effect of > those is in a firewall environment). > > -Chris I have setup where I have about 50 users and m0n0 is acting as firewall and traffic shaper, I do have a feel that I have more problems if I do not set sysctl -w kern.ipc.somaxconn=32768 Then All traffic is not routed to the wan so "smoothly", specially heavy p2p traffic causes problems. kern.ipc.somaxconn=32768 what it actually does? Also some bsd tweak guides do recomend these settings, it should increase max connections and protects against dos attacks? I really hope some "performance" build of m0n0wall, nothing else, but just tweaked settings so more memory and maybe processing power is used properly. I have no need to change pfsense. Jukka |