Hello,
On Sun, 5 Nov 2000, Laurent Lefoll wrote:
> So, just to be sure I understand everything, I can have a total of 40960 entries
> (default value or depending on the amount of memory ?) but only 4096 to any
> external service. I suppose it's the same for TCP ? When you say 40960 total
Yes, for example:
maddr:61000 -> www_remote:80 \
..................... - 4096 entries to same remote service
maddr:65095 -> www_remote:80 /
You understand that there can't be two connections with the same end
addresses (proto/ip:port).
> entries, is it only for one protocol (so 40960 UDP + 40960 TCP) or is it for
> both protocols ?
40960 UDP + 40960 TCP + 40960 ICMP
You can increase these limits by altering ip_masq.c:PORT_MASQ_MUL:
atomic_t ip_masq_free_ports[3] = {
        ATOMIC_INIT((PORT_MASQ_END-PORT_MASQ_BEGIN) * PORT_MASQ_MUL), /* UDP */
        ATOMIC_INIT((PORT_MASQ_END-PORT_MASQ_BEGIN) * PORT_MASQ_MUL), /* TCP */
        ATOMIC_INIT((PORT_MASQ_END-PORT_MASQ_BEGIN) * PORT_MASQ_MUL), /* ICMP */
};
4096=PORT_MASQ_END-PORT_MASQ_BEGIN
Don't tell me, I know, there is something wrong in these calcs
but this is not fatal.
> I agree that in my case an internal DNS will be the best solution and I plan
> to do that, but in the case I would like to play with these values, do I need
> to look in the source code, or is there a way to tune them "dynamically" ?
These settings are still not exported to the user.
>
> Are there some documents or links which could have answered these questions ?
http://marc.theaimsgroup.com/?l=linux-virtual-server&m=95828685509428&w=2
You can browse the LVS mail list from May 2000, there are some
postings related to the masq limits under these subjects:
lvs bottlekneck
masquerading table slowdown
The parameters that can be tuned:
    masq port range:
        PORT_MASQ_BEGIN
        PORT_MASQ_END
    number of entries (complex):
        PORT_MASQ_MUL
    connection hash table size:
        IP_MASQ_TAB_SIZE
Everything is used in net/ipv4/ip_masq.c
> Best Regards,
> Laurent LE FOLL
Regards
--
Julian Anastasov <ja@xxxxxx>
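
Added example, not part of the original mail and not kernel code: a simplified C model of the two limits discussed above, the 4096 masq ports available towards one remote service and the 40960-entry budget per protocol. It assumes PORT_MASQ_MUL is 10 (40960 / 4096) and first-free port selection; masq_model, masq_init, masq_alloc and masq_fill are hypothetical names.

```c
#include <stdio.h>
#include <stdlib.h>
/* Numbers from the thread: ports 61000..65095, 40960 entries per protocol. */
#define PORT_MASQ_BEGIN 61000
#define PORT_MASQ_END   (PORT_MASQ_BEGIN + 4096)
#define PORT_MASQ_MUL   10  /* assumption: 40960 / 4096 */
#define PORT_RANGE      (PORT_MASQ_END - PORT_MASQ_BEGIN)

struct masq_model {          /* hypothetical model type, not a kernel structure */
    long free_entries;       /* plays the role of one ip_masq_free_ports[] slot */
    int nremotes;            /* distinct remote ip:port endpoints in the model */
    unsigned char *used;     /* used[remote * PORT_RANGE + (port - PORT_MASQ_BEGIN)] */
};
int masq_init(struct masq_model *m, int nremotes)
{
    m->free_entries = (long)PORT_RANGE * PORT_MASQ_MUL;
    m->nremotes = nremotes;
    return (m->used = calloc((size_t)nremotes * PORT_RANGE, 1)) ? 0 : -1;
}
/* Masq port picked for a new connection to `remote`, or 0 if it is refused. */
int masq_alloc(struct masq_model *m, int remote)
{
    if (remote < 0 || remote >= m->nremotes || m->free_entries <= 0)
        return 0;                    /* per-protocol entry budget is used up */
    unsigned char *row = m->used + (size_t)remote * PORT_RANGE;
    for (int i = 0; i < PORT_RANGE; i++) {
        if (row[i]) continue;        /* maddr:port -> remote already exists */
        row[i] = 1;
        m->free_entries--;
        return PORT_MASQ_BEGIN + i;
    }
    return 0;                        /* all 4096 ports in use to this remote */
}
/* Tries `attempts` connections to one remote; returns how many succeeded. */
long masq_fill(struct masq_model *m, int remote, long attempts)
{
    long ok = 0;
    while (attempts-- > 0 && masq_alloc(m, remote)) ok++;
    return ok;
}

int main(void)
{
    struct masq_model m;
    if (masq_init(&m, 11)) return 1;
    long one = masq_fill(&m, 0, 5000), all = one;
    for (int r = 1; r <= 10; r++) all += masq_fill(&m, r, 5000);
    printf("one remote: %ld, all remotes: %ld\n", one, all);
    return 0;
}
```

In this model the eleventh remote gets no entries at all, because the per-protocol budget is already spent by the first ten.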