From owner-freebsd-questions@FreeBSD.ORG Fri May 2 11:54:14 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0660B106564A for ; Fri, 2 May 2008 11:54:14 +0000 (UTC) (envelope-from freebsd@the-irc.org) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.178]) by mx1.freebsd.org (Postfix) with ESMTP id CCAB28FC21 for ; Fri, 2 May 2008 11:54:13 +0000 (UTC) (envelope-from freebsd@the-irc.org) Received: by py-out-1112.google.com with SMTP id u52so2253728pyb.10 for ; Fri, 02 May 2008 04:54:13 -0700 (PDT) Received: by 10.141.203.7 with SMTP id f7mr1310044rvq.7.1209727724895; Fri, 02 May 2008 04:28:44 -0700 (PDT) Received: by 10.141.142.10 with HTTP; Fri, 2 May 2008 04:28:44 -0700 (PDT) Message-ID: <322efb7b0805020428y5f439fadk4b1beb95d397493@mail.gmail.com> Date: Fri, 2 May 2008 07:28:44 -0400 From: "Free BSD" To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: FreeBSD Server Settings Consult X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 May 2008 11:54:14 -0000 We've been having some problems with our server and I was wondering if someone had any advice or suggestions for our current system settings. # cat /etc/sysctl.conf kern.ipc.maxsockbuf=1048576 net.inet.tcp.sendspace=65536 net.inet.tcp.recvspace=65536 net.local.stream.recvspace=65536 net.local.stream.sendspace=65536 net.inet.udp.recvspace=65536 net.inet.udp.maxdgram=65535 kern.ipc.somaxconn=8192 kern.maxvnodes=132072 kern.maxfiles=65535 kern.maxfilesperproc=65536 net.inet.tcp.msl=7500 net.inet.tcp.mssdflt=1460 security.bsd.see_other_uids=0 security.bsd.see_other_gids=0 kern.fallback_elf_brand=3 net.inet.tcp.newreno=1 net.inet.tcp.rfc1323=1 net.inet.tcp.delayed_ack=0 net.inet.ip.check_interface=0 vfs.vmiodirenable=1 net.inet.ip.portrange.randomized=1 net.inet.icmp.bmcastecho=0 net.inet.icmp.maskrepl=0 net.inet.icmp.icmplim=500 kern.randompid=89061 net.inet.icmp.drop_redirect=1 net.inet.icmp.log_redirect=0 net.inet.ip.random_id=89061 net.inet.ip.rtexpire=2 net.inet.ip.rtmaxcache=256 net.inet.ip.rtminexpire=2 net.inet.tcp.blackhole=2 net.inet.tcp.icmp_may_rst=0 net.inet.tcp.inflight.enable=0 net.inet.tcp.log_in_vain=0 net.inet.tcp.sack.enable=1 net.inet.udp.blackhole=1 net.inet.udp.log_in_vain=0 net.link.ether.inet.log_arp_wrong_iface=0 net.link.ether.inet.max_age=1200 # cat /boot/loader.conf kern.ipc.maxsockets=32768 kern.ipc.nmbclusters=32768 kern.ipc.nmbufs=131072 kern.ipc.shm_use_phys=1 kern.maxproc=8192 net.inet.tcp.tcbhashsize=16384 kern.maxfiles=65535 kern.maxfilesperproc=65536 # cat /etc/rc.conf (minus networking) clear_tmp_enable="YES" update_motd="NO" tcp_extensions="YES" firewall_enable="YES" firewall_script="/etc/ipfw.rules" linux_enable="YES" sshd_enable="NO" usbd_enable="NO" fsck_y_enable="YES" oidentd_enable="YES" pureftpd_enable="no" syslogd_enable="YES" syslogd_flags="-ss" ntpd_enable="YES" ntpd_flags="-4 -p/var/run/ntpd.pid" tcp_keepalive="YES" icmp_bmcastecho="NO" icmp_bandlim=="YES" portmap_enable="NO" icmp_drop_redirect="YES" quota_enable="YES" check_quotas="YES" #accounting_enable="YES" named_program="/usr/sbin/named" named_flags="-u bind -c /etc/namedb/named.conf" named_enable="YES" local_startup="/usr/local/etc/rc.d" openssh_enable="YES" openssh_flags="-4 -f/etc/ssh/sshd_config" openssh_pidfile="/var/run/sshd.pid" sendmail_enable="NO" network_interfaces="rl0 lo0" webmin_enable="YES" dumpdev="AUTO" dumpdir="/var/crash" courier_imap_imapd_enable="YES" courier_imap_imapd_ssl_enable="YES" courier_imap_pop3d_enable="YES" courier_imap_pop3d_ssl_enable="YES" courier_authdaemond_enable="YES" tor_enable="NO" chkservd_enable="YES" apop3d_enable="NO"