From 8b7937e8a3864d84992e931ace69172ba171d875 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Sun, 25 Jan 2009 19:15:01 +0100 Subject: doc: increase hashtable bucket size and limits in example files This patch details a bit more the hashtable parameters. Moreover, it increases the default size of the hashtable. Signed-off-by: Pablo Neira Ayuso --- doc/sync/alarm/conntrackd.conf | 14 +++++++++----- doc/sync/ftfw/conntrackd.conf | 14 +++++++++----- doc/sync/notrack/conntrackd.conf | 14 +++++++++----- 3 files changed, 27 insertions(+), 15 deletions(-) diff --git a/doc/sync/alarm/conntrackd.conf b/doc/sync/alarm/conntrackd.conf index da11887..ad9bcd9 100644 --- a/doc/sync/alarm/conntrackd.conf +++ b/doc/sync/alarm/conntrackd.conf @@ -135,15 +135,19 @@ Sync { # General { # - # Number of buckets in the caches: hash table. + # Number of buckets in the cache hashtable. The bigger it is, + # the closer it gets to O(1) at the cost of consuming more memory. + # Read some documents about tuning hashtables for further reference. # - HashSize 16384 + HashSize 32768 # - # Maximum number of conntracks: - # it must be >= $ cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max + # Maximum number of conntracks, it should be double of: + # $ cat /proc/sys/net/netfilter/nf_conntrack_max + # since the daemon may keep some dead entries cached for possible + # retransmission during state synchronization. # - HashLimit 65536 + HashLimit 131072 # # Logfile: on (/var/log/conntrackd.log), off, or a filename diff --git a/doc/sync/ftfw/conntrackd.conf b/doc/sync/ftfw/conntrackd.conf index 3c39291..0021ea8 100644 --- a/doc/sync/ftfw/conntrackd.conf +++ b/doc/sync/ftfw/conntrackd.conf @@ -144,15 +144,19 @@ Sync { # General { # - # Number of buckets in the caches: hash table. + # Number of buckets in the cache hashtable. The bigger it is, + # the closer it gets to O(1) at the cost of consuming more memory. + # Read some documents about tuning hashtables for further reference. # - HashSize 16384 + HashSize 32768 # - # Maximum number of conntracks: - # it must be >= $ cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max + # Maximum number of conntracks, it should be double of: + # $ cat /proc/sys/net/netfilter/nf_conntrack_max + # since the daemon may keep some dead entries cached for possible + # retransmission during state synchronization. # - HashLimit 65536 + HashLimit 131072 # # Logfile: on (/var/log/conntrackd.log), off, or a filename diff --git a/doc/sync/notrack/conntrackd.conf b/doc/sync/notrack/conntrackd.conf index f86d17b..b77d589 100644 --- a/doc/sync/notrack/conntrackd.conf +++ b/doc/sync/notrack/conntrackd.conf @@ -125,15 +125,19 @@ Sync { # General { # - # Number of buckets in the caches: hash table. + # Number of buckets in the cache hashtable. The bigger it is, + # the closer it gets to O(1) at the cost of consuming more memory. + # Read some documents about tuning hashtables for further reference. # - HashSize 16384 + HashSize 32768 # - # Maximum number of conntracks: - # it must be >= $ cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max + # Maximum number of conntracks, it should be double of: + # $ cat /proc/sys/net/netfilter/nf_conntrack_max + # since the daemon may keep some dead entries cached for possible + # retransmission during state synchronization. # - HashLimit 65536 + HashLimit 131072 # # Logfile: on (/var/log/conntrackd.log), off, or a filename -- cgit v1.2.3