A queston on default sysctl settings.
Lowell Gilbert
freebsd-questions-local at be-well.no-ip.com
Fri Aug 8 11:08:36 PDT 2003
Chris <racerx at makeworld.com> writes:
> Can someone tell me if there is a adverse effect in setting:
> net.inet.ip.rtexpire from 3600 to say 5
>
> And the same with net.inet.ip.rtminexpire fro 10 to say 2 ?
>
> This would be on an ADSL wire.
You don't want to drop it more than necessary, because otherwise minor
problems will start causing connection establishment to fail. If
you're having a real problem with packet-spoofing attacks, then I'd
recommend keeping an eye on how low the kernel drops the rtexpire
value, and reduce the default value to just a bit more than that. If
you're not having problems with such attacks, then there's no real
benefit to making these changes in the first place.
More information about the freebsd-questions
mailing list