[pve-devel] nf_conntrack_tcp_timeout_established tuning option
Dietmar Maurer
dietmar at proxmox.com
Tue Apr 1 09:36:29 CEST 2014
> by default the nf_conntrack_tcp_timeout_established is quite huge (5days),
>
> cisco firewall have 2hour by default
>
> it could be great to have a tuning option,
>
> I found a doc here:
> https://dev.openwrt.org/ticket/12976
>
> with recommandation of minimum : 7875
>
> tcp_keepalive_time + tcp_keepalive_probes * tcp_keepalive_intvl = 7200 + 9
> * 75 by default)
feel free to send a patch ;-)
More information about the pve-devel
mailing list