[LARTC] Connection Tracking - How Many???

[LARTC] Connection Tracking - How Many???

[Walter D. Wyndroski]

[-- Attachment #1: Type: text/plain, Size: 696 bytes --]

How many connections can be tracked with:

512 megabytes of RAM?
1 gigabyte of RAM?

I know there is a limit. I read it somewhere about eight months ago in some obscure location. 

Thanks in advance.
Walt
**********************************************************************************************
* This message has been scanned by CityNET's email scanner for viruses and dangerous content *
* and is believed to be clean.  CityNET is proud to use MailScanner.  For more information   *
* concerning MailScanner, visit http://www.mailscanner.info                                  *
**********************************************************************************************


[-- Attachment #2: Type: text/html, Size: 1352 bytes --]

Re: [LARTC] Connection Tracking - How Many???

[Stef Coene]

On Wednesday 24 September 2003 04:44, Walter D. Wyndroski wrote:
> How many connections can be tracked with:
>
> 512 megabytes of RAM?
> 1 gigabyte of RAM?
>
> I know there is a limit. I read it somewhere about eight months ago in some
> obscure location.
From the faq page on netfilter.org :

3.6 ip_conntrack: maximum limit of XXX entries exceeded 

If you notice the following message in syslog, it looks like the conntrack 
database doesn't have enough entries for your environment. Connection 
tracking by default handles up to a certain number of simultaneous 
connections. This number is dependent on you system's maximum memory size (at 
64MB: 4096, 128MB: 8192, ...). 

You can easily increase the number of maximal tracked connections, but be 
aware that each tracked connection eats about 350 bytes of non-swappable 
kernel memory!

To increase this limit to e.g. 8192, type:

echo "8192" > /proc/sys/net/ipv4/ip_conntrack_max

Stef

-- 
stef.coene@docum.org
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.openprojects.net

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] Connection Tracking - How Many???

[Walter D. Wyndroski]

[-- Attachment #1: Type: text/plain, Size: 1355 bytes --]

Sorry, I must have missed it when reading the netfilter howto. I found it later when reading through it again: approx 32,000 connections per 512 megs of ram.

Walt
  ----- Original Message ----- 
  From: Walter D. Wyndroski 
  To: lartc@mailman.ds9a.nl 
  Sent: Tuesday, September 23, 2003 10:44 PM
  Subject: [LARTC] Connection Tracking - How Many???


  How many connections can be tracked with:

  512 megabytes of RAM?
  1 gigabyte of RAM?

  I know there is a limit. I read it somewhere about eight months ago in some obscure location. 

  Thanks in advance.
  Walt


         This message has been scanned by CityNET's email scanner for viruses and dangerous content 
         and is believed to be clean. CityNET is proud to use MailScanner. For more information 
         concerning MailScanner, visit http://www.mailscanner.info
       

**********************************************************************************************
* This message has been scanned by CityNET's email scanner for viruses and dangerous content *
* and is believed to be clean.  CityNET is proud to use MailScanner.  For more information   *
* concerning MailScanner, visit http://www.mailscanner.info                                  *
**********************************************************************************************


[-- Attachment #2: Type: text/html, Size: 2953 bytes --]