On Wed, 2003-09-03 at 09:02, S Mohan wrote:
yes i know. i have removed the ip_conntrack helper modules there (no nat or masq), the point is that ip_conntrack is not a module it's in the kernel. mvh Ronny Aasen > shorewall has a file for including modules that need to be loaded. It also > has files/scripts executed before start and after stop. > > Mohan > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Ronny Aasen > Sent: Wednesday, September 03, 2003 12:16 PM > To: leaf > Cc: Robert Coffman - Info From Data Corporation > Subject: RE: [leaf-user] reduce load on a bering box > > > On Tue, 2003-09-02 at 19:45, Robert Coffman - Info From Data Corporation > wrote: > > I'm not sure I can help with this, but I'd love to know what hardware you > > are running this on. > > > > Actually, I'd love to hear anyone's input on the capacities of their > Bering > > boxes, what they are doing with them, and what hardware they run on. > > > > - Bob Coffman > > well this was a emergency so i threw in whatever i had laying around. > > so this box is currently a > duron 1200 mhz with 4 unex nicks (rtl based) > it's the cheapest possible in norway atm :P > it had 128 mb ram yesterday, but i increased it to 512mb donight. > i increased the ram becouse of ip_conntrack. the default > ip_conntrack_max on a 512 mb box is 32xxx i'v incresed it to 999999 > since i reach 32xxx in a few hours... > > and it handled the load quite nice. > > it's a bering1.2 and boots on a m-system iDOC (flashdisk with ide > interface) highly recomended. since it's no moving parts. > > all my secondary routers (with tc and ospfd) are built on this mashine. > but the traffic on these is not so high. > > my personal wish list for this box would be > -ip_conntrack_timeout somewhere in proc > -module the entire ip_conntrack so one could insmod in pre shorewall > start and rmmod in post shorewall stop. (is this feasible at all ? ) > > > it will probably be replaced with a p4 2.8ghz 512 gb ddr333 and 3c905 > nics when the parts arrive. > > any tips on increasing thruput, packet forwarding rate, and reducing > latency while keeping the box secure is apriciated. > > and if you have questions, just ask, this list as always helped me in > the past :) > > > -- > Ronny Aasen <[EMAIL PROTECTED]> > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > ------------------------------------------------------------------------ > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Ronny Aasen <[EMAIL PROTECTED]> ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
