set conntrack table size

author: Niklas Yann Wettengel <niyawe@niyawe.de> 2017-09-09 14:30:28 +0200
committer: Niklas Yann Wettengel <niyawe@niyawe.de> 2017-09-09 14:30:28 +0200
commit: ca323efbf41f894bd4fb137e191c964e4a781fc5 (patch)
tree: 84814bb4e1b6ad731ac5bbb66f987c80addb0c68 /roles/configure_sysctl
parent: 0f8af08cd75bf7cc369b7c4ba87a7d4311f16add (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/roles/configure_sysctl/files/ff.conf b/roles/configure_sysctl/files/ff.conf
index 584bd67..aca9513 100644
--- a/roles/configure_sysctl/files/ff.conf
+++ b/roles/configure_sysctl/files/ff.conf
@@ -19,6 +19,8 @@ net.ipv6.neigh.default.gc_stale_time=3600
 
 # decrease nf_conntrack_tcp_timeout_established - default=432000
 net.netfilter.nf_conntrack_tcp_timeout_established=86400
+net.netfilter.nf_conntrack_max=65536
+net.netfilter.nf_conntrack_buckets=16384
 
 # reboot after kernel panic
 kernel.panic=1
author	Niklas Yann Wettengel <niyawe@niyawe.de>	2017-09-09 14:30:28 +0200
committer	Niklas Yann Wettengel <niyawe@niyawe.de>	2017-09-09 14:30:28 +0200
commit	ca323efbf41f894bd4fb137e191c964e4a781fc5 (patch)
tree	84814bb4e1b6ad731ac5bbb66f987c80addb0c68 /roles/configure_sysctl
parent	0f8af08cd75bf7cc369b7c4ba87a7d4311f16add (diff)