From c5ed917c8ea57db40b4812a2b42879983b4620dc Mon Sep 17 00:00:00 2001 From: Niklas Yann Wettengel Date: Tue, 6 Mar 2018 18:30:39 +0100 Subject: resize max conntrack --- roles/configure_sysctl/files/ff.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'roles/configure_sysctl/files') diff --git a/roles/configure_sysctl/files/ff.conf b/roles/configure_sysctl/files/ff.conf index aca9513..c1a583a 100644 --- a/roles/configure_sysctl/files/ff.conf +++ b/roles/configure_sysctl/files/ff.conf @@ -19,8 +19,8 @@ net.ipv6.neigh.default.gc_stale_time=3600 # decrease nf_conntrack_tcp_timeout_established - default=432000 net.netfilter.nf_conntrack_tcp_timeout_established=86400 -net.netfilter.nf_conntrack_max=65536 -net.netfilter.nf_conntrack_buckets=16384 +net.netfilter.nf_conntrack_max=1048576 +net.netfilter.nf_conntrack_buckets=131072 # reboot after kernel panic kernel.panic=1 -- cgit v1.2.3-54-g00ecf