[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Reasonable size for state table in pf.conf

To: misc@openbsd.org
Subject: Reasonable size for state table in pf.conf
From: "David A. Ulevitch" <davidu@everydns.net>
Date: Tue, 1 Feb 2005 09:29:35 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

What is a reasonable value for a high powered machine with 2gig's of 
ram to have for a state table?

I currently have it set to 100,000 but I think I want it increased to 
about 300,000.

Perhaps I should be tweaking the timeout value also?

Below you'll find the copy of `pfctl -s i`

Thanks,
david

rtr2:~>pfctl -s i
Status: Enabled for 7 days 17:29:53           Debug: Urgent

Hostid: 0x93ada391

State Table                          Total             Rate
   current entries                    80169
   searches                      1365460334         2044.7/s
   inserts                        100049171          149.8/s
   removals                        99969002          149.7/s
Counters
   match                          100415514          150.4/s
   bad-offset                             0            0.0/s
   fragment                               0            0.0/s
   short                               2241            0.0/s
   normalize                              0            0.0/s
   memory                            610143            0.9/s
   bad-timestamp                          0            0.0/s
iD8DBQFB/7x/4/Se51TNr6ERAm+UAJ9kp7Aw0VcARmKtVGSlmd5Lns+wkwCeOYJy
ua5wWtis8vT8NT5iQbwKXo4=
=Tyiu
-----END PGP SIGNATURE-----

Prev by Date: Re: protection against DDoS with Syn-Flood
Next by Date: Re: protection against DDoS with Syn-Flood
Prev by thread: ▶전문대 졸업자인데 학사편입 원하시나요..? ◀
Next by thread: 연체대금 6000만원까지 깔끔하세 36개월분할상환
Index(es):
- Date
- Thread