Bird Centos 8 Replacement recommendations request

W Templeton wnt at btconnect.com
Wed Mar 17 12:16:27 CET 2021


Thanks,

I'm new to Bird and certainly Debian so please bear with me.

So below shows a number of Debian network stack tweaks for your specific use case, is that fair?
With kernel tweaks to follow from Cybertinus.

@Cybertinus - That would be appreciated.


FYI
Our setup is Anycast-based Bird stacks distributed globally, linking directly from virtual image to the DC hosting provider, who we peer with using BGP, with our own ASN & IPv4/24 & IPv6/28. Routing-wise, 1 IPv4 subnet & 1 IPv6 subnet are advertised out to the DC host provider to announce on the Internet. So a basic routing table. Our host addresses will grow over time up to max 253/4 ish, running as dummy entries (in CentOS) which are utilised by HAProxy. So a corner case that appears relatively simple routing, Bird-wise. Appreciate any thoughts etc.


Will


________________________________
From: Kees Meijs | Nefos <kees at nefos.nl>
Sent: 17 March 2021 10:59
To: W Templeton <wnt at btconnect.com>; BIRD Users <bird-users at network.cz>
Cc: Will Templeton <wtempleton at tbscg.com>
Subject: Re: Bird Centos 8 Replacement recommendations request

Hi,

On 17-03-2021 11:53, W Templeton wrote:
1. your OS version

Sure:
$ cat /etc/debian_version
10.8

Basically: Debian stable with current updates.

2. Debian kernel tweaking

Sure:
# cat 99-router.conf
# Enable IP forwarding for IPv4 and IPv6 AF.
net.ipv4.conf.all.forwarding = 1
net.ipv6.conf.all.forwarding = 1

# Send ICMP errors from receiving interface and be a nice netizen.
net.ipv4.icmp_errors_use_inbound_ifaddr = 1

# Disable reverse path filtering.
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0

# Allow more IPv6 routes.
net.ipv6.route.max_size = 2147483647

# Allow more network neighbours.
net.ipv4.neigh.default.gc_thresh1=16384
net.ipv4.neigh.default.gc_thresh2=32768
net.ipv4.neigh.default.gc_thresh3=65536
net.ipv6.neigh.default.gc_thresh1=16384
net.ipv6.neigh.default.gc_thresh2=32768
net.ipv6.neigh.default.gc_thresh3=65536

# cat 99-tengige.conf
# 10GB/54MB (56623104)
net.core.rmem_max = 56623104
net.core.wmem_max = 56623104
net.core.rmem_default = 56623104
net.core.wmem_default = 56623104
net.core.optmem_max = 40960
net.ipv4.tcp_rmem = 4096 87380 56623104
net.ipv4.tcp_wmem = 4096 65536 56623104

# Increase number of incoming connections. The value can be raised to bursts of request, default is 128
net.core.somaxconn = 1024

# Increase number of incoming connections backlog, default is 1000
net.core.netdev_max_backlog = 50000

# Maximum number of remembered connection requests, default is 128
net.ipv4.tcp_max_syn_backlog = 30000

# Increase the tcp-time-wait buckets pool size to prevent simple DoS attacks, default is 8192
net.ipv4.tcp_max_tw_buckets = 2000000

# Recycle and Reuse TIME_WAIT sockets faster, default is 0 for both
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1

# Decrease TIME_WAIT seconds, default is 30 seconds
net.ipv4.tcp_fin_timeout = 10

# Tells the system whether it should start at the default window size only for TCP connections
# that have been idle for too long, default is 1
net.ipv4.tcp_slow_start_after_idle = 0

# If your servers talk UDP, also up these limits, default is 4096
net.ipv4.udp_rmem_min = 8192
net.ipv4.udp_wmem_min = 8192

# cat 99-vrrp.conf
# For VRRP.
net.ipv4.ip_nonlocal_bind = 1

Cybertinus: maybe you can give insight in your kernel tweaks as well? (Probably very overlapping.)

Cheers,
Kees
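
Added example (not part of the original thread, and not code from either poster): a small reviewer for sysctl.d fragments like the ones quoted above, flagging the settings a security review of a BGP router would look at first. The rule list and the sample input are this example's own assumptions; the sample is a constructed subset of the quoted files.

```python
import re

# Constructed sample: a subset of the settings quoted in the message above.
SAMPLE = """\
# Disable reverse path filtering.
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.neigh.default.gc_thresh1=16384
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.ip_nonlocal_bind = 1
"""

# Review rules (this example's own choices): key regex, value test, note.
RULES = [
    (r"net\.ipv4\.conf\.[^.]+\.rp_filter", lambda v: v == "0",
     "reverse-path source validation is off; strict mode (1) breaks "
     "asymmetric routing, loose mode is 2, otherwise filter spoofing elsewhere"),
    (r"net\.ipv4\.tcp_tw_recycle", lambda v: True,
     "key was removed in Linux 4.12; newer kernels reject it with an error"),
    (r"net\.ipv4\.ip_nonlocal_bind", lambda v: v == "1",
     "processes may bind to addresses that are not configured on the host"),
]

def parse_sysctl(text):
    """Yield (lineno, key, value) for each setting in sysctl.d syntax."""
    for n, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line[0] in "#;":       # blank line or comment
            continue
        key, sep, value = line.partition("=")
        if sep:                                # a leading "-" means "ignore errors"
            yield n, key.strip().lstrip("-"), value.strip()

def review(text):
    """Return (lineno, key, note) for every setting that matches a rule."""
    findings = []
    for n, key, value in parse_sysctl(text):
        for pattern, hit, note in RULES:
            if re.fullmatch(pattern, key) and hit(value):
                findings.append((n, key, note))
    return findings

if __name__ == "__main__":
    for n, key, note in review(SAMPLE):
        print(f"line {n}: {key}: {note}")
```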