From 8b7937e8a3864d84992e931ace69172ba171d875 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Sun, 25 Jan 2009 19:15:01 +0100
Subject: doc: increase hashtable bucket size and limits in example files

This patch details a bit more the hashtable parameters. Moreover,
it increases the default size of the hashtable.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 doc/sync/alarm/conntrackd.conf | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

(limited to 'doc/sync/alarm/conntrackd.conf')

diff --git a/doc/sync/alarm/conntrackd.conf b/doc/sync/alarm/conntrackd.conf
index da11887..ad9bcd9 100644
--- a/doc/sync/alarm/conntrackd.conf
+++ b/doc/sync/alarm/conntrackd.conf
@@ -135,15 +135,19 @@ Sync {
 #
 General {
 	#
-	# Number of buckets in the caches: hash table.
+	# Number of buckets in the cache hashtable. The bigger it is,
+	# the closer it gets to O(1) at the cost of consuming more memory.
+	# Read some documents about tuning hashtables for further reference.
 	#
-	HashSize 16384
+	HashSize 32768
 
 	#
-	# Maximum number of conntracks: 
-	# it must be >= $ cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
+	# Maximum number of conntracks, it should be double of: 
+	# $ cat /proc/sys/net/netfilter/nf_conntrack_max
+	# since the daemon may keep some dead entries cached for possible
+	# retransmission during state synchronization.
 	#
-	HashLimit 65536
+	HashLimit 131072
 
 	#
 	# Logfile: on (/var/log/conntrackd.log), off, or a filename
-- 
cgit v1.2.3