Chris Buechler wrote:
> On 3/4/07, Jukka Ruotsalainen <jukka dot ruotsalainen at cs dot helsinki dot fi> wrote:
>> How the amount of sessions is setup?
> hard coded at compile time. You have to recompile the kernel to raise
> the limit.
>> Is it same as sysctl -w kern.ipc.somaxconn=32768 ?
>> I use now
>> sysctl -w kern.ipc.somaxconn=32768
>> and set kern.ipc.nmbclusters=32768
> I believe these aren't actually going to help anything. I believe they
> only affect traffic initiated by the firewall, or destined to daemons
> listening on the firewall, which would be next to nothing. I know the
> FAQ says otherwise (I wrote that FAQ quite a while ago, it needs to be
> revised once I have a chance to figure out for sure what the effect of
> those is in a firewall environment).
I have setup where I have about 50 users and m0n0 is acting as firewall
and traffic shaper, I do have a feel that I have more problems if I do
not set sysctl -w kern.ipc.somaxconn=32768
All traffic is not routed to the wan so "smoothly", specially heavy p2p
traffic causes problems.
kern.ipc.somaxconn=32768 what it actually does?
Also some bsd tweak guides do recomend these settings, it should
increase max connections and protects against dos attacks?
I really hope some "performance" build of m0n0wall, nothing else, but
just tweaked settings so more memory and maybe processing power is used
I have no need to change pfsense.