Mysterious reboot

Mike Loiterman mike at
Thu Feb 16 13:18:19 PST 2006

Giorgos Keramidas <mailto:keramida at> wrote:
> On 2006-02-16 14:32, Mike Loiterman <mike at> wrote:
>> Wouter Spierenburg <mailto:wouter at> wrote:
>>> Try adding the following to /etc/sysctl.conf:
>>> kern.maxfiles=65535
>>> kern.maxfilesperproc=20000
>>> net.inet.tcp.delayed_ack=0
>>> net.inet.ip.maxfragpackets=10
>>> kern.ipc.somaxconn=2048
>>> then 'cd' to /usr/src/sys/i386/conf
>>> vi SERVER
>>> and add the following lines at the bottom of the file: options     
>>> TCPDEBUG options         RANDOM_IP_ID
>>> options         TCP_DROP_SYNFIN
>>> options         NMBCLUSTERS=65535
>>> options         NMBUFS=40960
>>> save the file, and follow these steps:
>>> /usr/sbin/config -g SERVER
>>> cd ../../compile/SERVER
>>> make depend
>>> make
>>> make install
>>> #if all went well:
>>> reboot
>>> The system will then come back up with tuned parameters, allowing
>>> more in/outbound connections and better packethandling.
>> Before I make these changes, I would like to just get a second
>> opinion from the list about their value and what impact, if any,
>> they might have on system stability, compatibility, etc.
>> Wouter, please do not take offense to this!  I sincerely appreciate
>> your advice, but this is a production system, so I'm careful about
>> what changes I make when I don't explicitly understand what is going
>> on. I'm not familure with a few of those options.
> I'm not sure if the options are useful for your setup, so I'm
> not going
> to comment for or against them.

Well, the server is an email/web server primarily.  Not a huge load, but I
want to be hardened against DOS attacks...would these help?

Mike Loiterman
Tel: 630-302-4944
Fax: 773-442-0992
Email: mike at
PGP Key: 0xD1B9D18E

More information about the freebsd-questions mailing list