[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Reasonable size for state table in pf.conf

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Reasonable size for state table in pf.conf
From: "David A. Ulevitch" <davidu_(_at_)_everydns_(_dot_)_net>
Date: Tue, 1 Feb 2005 09:29:35 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

What is a reasonable value for a high powered machine with 2gig's of ram to have for a state table?

I currently have it set to 100,000 but I think I want it increased to about 300,000.

Perhaps I should be tweaking the timeout value also?

Below you'll find the copy of `pfctl -s i`

Thanks,
david

rtr2:~>pfctl -s i
Status: Enabled for 7 days 17:29:53           Debug: Urgent

Hostid: 0x93ada391

State Table                          Total             Rate
  current entries                    80169
  searches                      1365460334         2044.7/s
  inserts                        100049171          149.8/s
  removals                        99969002          149.7/s
Counters
  match                          100415514          150.4/s
  bad-offset                             0            0.0/s
  fragment                               0            0.0/s
  short                               2241            0.0/s
  normalize                              0            0.0/s
  memory                            610143            0.9/s
  bad-timestamp                          0            0.0/s
iD8DBQFB/7x/4/Se51TNr6ERAm+UAJ9kp7Aw0VcARmKtVGSlmd5Lns+wkwCeOYJy
ua5wWtis8vT8NT5iQbwKXo4=
=Tyiu
-----END PGP SIGNATURE-----

Prev by Date: Re: page fault in RAMDISK_CD kernel on latest snapshot
Next by Date: Re: protection against DDoS with Syn-Flood
Previous by thread: Re: page fault in RAMDISK_CD kernel on latest snapshot
Next by thread: Re: protection against DDoS with Syn-Flood
Index(es):
- Date
- Thread

Visit your host, monkey.org