enable ipv6 routing

author: Niklas Yann Wettengel <niyawe@niyawe.de> 2017-07-02 15:05:58 +0200
committer: Niklas Yann Wettengel <niyawe@niyawe.de> 2017-07-02 15:05:58 +0200
commit: d18d1ffd4f1a902b8dc555bbc7fe25e471920780 (patch)
tree: 23ec8a820e57d0c63ec636d0bc6ecc1c4a105323
parent: c5748a7c09230ebb882bc37b5cc9ed9c2543a4d9 (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/roles/configure_sysctl/files/ff.conf b/roles/configure_sysctl/files/ff.conf
index edd39b2..a80a925 100644
--- a/roles/configure_sysctl/files/ff.conf
+++ b/roles/configure_sysctl/files/ff.conf
@@ -1,10 +1,21 @@
 net.ipv4.ip_forward=1
-#net.ipv6.conf.all.forwarding=1
+
+net.ipv6.conf.all.forwarding=1
+
+net.ipv6.conf.all.autoconf = 0
+net.ipv6.conf.default.autoconf = 0
+
+net.ipv6.conf.all.accept_ra = 0
+net.ipv6.conf.default.accept_ra = 0
+
 net.ipv6.neigh.default.gc_thresh3=4096
 net.ipv6.neigh.default.gc_thresh2=2048
 net.ipv6.neigh.default.gc_thresh1=1024
 net.ipv6.neigh.default.gc_interval=3600
 net.ipv6.neigh.default.gc_stale_time=3600
 
+# decrease nf_conntrack_tcp_timeout_established - default=432000
+net.netfilter.nf_conntrack_tcp_timeout_established=86400
+
 # reboot after kernel panic
 kernel.panic=1
author	Niklas Yann Wettengel <niyawe@niyawe.de>	2017-07-02 15:05:58 +0200
committer	Niklas Yann Wettengel <niyawe@niyawe.de>	2017-07-02 15:05:58 +0200
commit	d18d1ffd4f1a902b8dc555bbc7fe25e471920780 (patch)
tree	23ec8a820e57d0c63ec636d0bc6ecc1c4a105323
parent	c5748a7c09230ebb882bc37b5cc9ed9c2543a4d9 (diff)