From owner-freebsd-performance@FreeBSD.ORG Mon May 5 07:41:58 2003 Return-Path: Delivered-To: freebsd-performance@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 92EB437B401 for ; Mon, 5 May 2003 07:41:58 -0700 (PDT) Received: from otter3.centtech.com (moat3.centtech.com [207.200.51.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id B2A2B43F75 for ; Mon, 5 May 2003 07:41:57 -0700 (PDT) (envelope-from anderson@centtech.com) Received: from centtech.com (electron.centtech.com [204.177.173.173]) by otter3.centtech.com (8.12.3/8.12.3) with ESMTP id h45Efu56083090 for ; Mon, 5 May 2003 09:41:56 -0500 (CDT) (envelope-from anderson@centtech.com) Message-ID: <3EB67822.3070802@centtech.com> Date: Mon, 05 May 2003 09:41:38 -0500 From: Eric Anderson User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.0.1) Gecko/20020823 Netscape/7.0 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-performance@freebsd.org Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: NAT performance tweaks X-BeenThere: freebsd-performance@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Performance/tuning List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2003 14:41:58 -0000 Does anyone have any tweaks they apply to NAT firewalls that pass a lot of connections through them? Here's the ony tweak I have in place already, but I'm not sure they're needed yet (or if there are any tweaks needed at all): sysctl kern.ipc.somaxconn=8192 Most connections being passed through this box are http requests, mail, ftp, and ssh connections. Any hints? Eric -- ------------------------------------------------------------------ Eric Anderson Systems Administrator Centaur Technology Attitudes are contagious, is yours worth catching? ------------------------------------------------------------------