NAT performance tweaks

Eric Anderson anderson at
Mon May 5 07:41:58 PDT 2003

Does anyone have any tweaks they apply to NAT firewalls that pass a lot 
of connections through them?  Here's the ony tweak I have in place 
already, but I'm not sure they're needed yet (or if there are any tweaks 
needed at all):

sysctl kern.ipc.somaxconn=8192

Most connections being passed through this box are http requests, mail, 
ftp, and ssh connections.

Any hints?


Eric Anderson	   Systems Administrator      Centaur Technology
Attitudes are contagious, is yours worth catching?

More information about the freebsd-performance mailing list