A queston on default sysctl settings.

Lowell Gilbert freebsd-questions-local at be-well.no-ip.com
Fri Aug 8 11:08:36 PDT 2003


Chris <racerx at makeworld.com> writes:

> 	Can someone tell me if there is a adverse effect in  setting: 
> net.inet.ip.rtexpire from 3600 to say 5
> 
> And the same with net.inet.ip.rtminexpire fro 10 to say 2 ?
> 
> This would be on an ADSL wire.

You don't want to drop it more than necessary, because otherwise minor
problems will start causing connection establishment to fail.  If
you're having a real problem with packet-spoofing attacks, then I'd
recommend keeping an eye on how low the kernel drops the rtexpire
value, and reduce the default value to just a bit more than that.  If
you're not having problems with such attacks, then there's no real
benefit to making these changes in the first place.


More information about the freebsd-questions mailing list