Ahmed Kamal wrote:
Hello, I will be NAT'ing 2000 users through a rhel5 box as our router is not able to handle the load. What's the recommended settings for that?! I imagine I will need to decrease the connection tracking time, and increase the total number of tracked connections?! Any advice is highly appreciated Thanks guys
I've not had anything like that number of users, and if I had it wouldn't necessarily reflect the adequacy of your system it depends a lot on what your users do. Heavy downloaders have different requirements from casual email and web browsers - email users might not impact the NAT functionality at all.
I'd start with installing shorewall; in fact I will be doing just that shortly.
I also block traffic in both directions, allowing just that traffic that's needed. And that applies equally to my home connexion, running CentOS4.
If every someone gets _in_ through my security, they still need to be able to run traffic _out_ to cause any mischief. It's also a handy indicator if someone attaches a virus-infected laptop to the network.
-- Cheers John -- spambait [EMAIL PROTECTED] [EMAIL PROTECTED] -- Advice http://webfoot.com/advice/email.top.php http://www.catb.org/~esr/faqs/smart-questions.html http://support.microsoft.com/kb/555375 You cannot reply off-list:-) _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
