> by default the nf_conntrack_tcp_timeout_established is quite huge (5days), > > cisco firewall have 2hour by default > > it could be great to have a tuning option, > > I found a doc here: > https://dev.openwrt.org/ticket/12976 > > with recommandation of minimum : 7875 > > tcp_keepalive_time + tcp_keepalive_probes * tcp_keepalive_intvl = 7200 + 9 > * 75 by default)
feel free to send a patch ;-) _______________________________________________ pve-devel mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
