<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body>
Hi,<br>
<br>
<div class="moz-cite-prefix">On 17-03-2021 11:53, W Templeton wrote:<br>
</div>
<blockquote type="cite"
cite="mid:VI1PR0701MB68647E76DAAECAE57B324971B06A9@VI1PR0701MB6864.eurprd07.prod.outlook.com">
<div style="font-family: Calibri, Arial, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
1.your OS version <br>
</div>
</blockquote>
<br>
Sure:<br>
<blockquote type="cite">$ cat /etc/debian_version <br>
10.8<br>
</blockquote>
<br>
Basicly: Debian stable with current updates.<br>
<br>
<blockquote type="cite"
cite="mid:VI1PR0701MB68647E76DAAECAE57B324971B06A9@VI1PR0701MB6864.eurprd07.prod.outlook.com">
<div style="font-family: Calibri, Arial, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
2.Debian kernel tweaking</div>
</blockquote>
<br>
Sure:<br>
<blockquote type="cite"># cat 99-router.conf <br>
# Enable IP forwarding for IPv4 and IPv6 AF.<br>
net.ipv4.conf.all.forwarding = 1<br>
net.ipv6.conf.all.forwarding = 1<br>
<br>
# Send ICMP errors from receiving interface and be a nice netizen.<br>
net.ipv4.icmp_errors_use_inbound_ifaddr = 1<br>
<br>
# Disable reverse path filtering.<br>
net.ipv4.conf.all.rp_filter = 0<br>
net.ipv4.conf.default.rp_filter = 0<br>
<br>
# Allow more IPv6 routes.<br>
net.ipv6.route.max_size = 2147483647<br>
<br>
# Allow more network neighbours.<br>
net.ipv4.neigh.default.gc_thresh1=16384<br>
net.ipv4.neigh.default.gc_thresh2=32768<br>
net.ipv4.neigh.default.gc_thresh3=65536<br>
net.ipv6.neigh.default.gc_thresh1=16384<br>
net.ipv6.neigh.default.gc_thresh2=32768<br>
net.ipv6.neigh.default.gc_thresh3=65536<br>
</blockquote>
<br>
<blockquote type="cite"># cat 99-tengige.conf <br>
# 10GB/54MB (56623104)<br>
net.core.rmem_max = 56623104<br>
net.core.wmem_max = 56623104<br>
net.core.rmem_default = 56623104<br>
net.core.wmem_default = 56623104<br>
net.core.optmem_max = 40960<br>
net.ipv4.tcp_rmem = 4096 87380 56623104<br>
net.ipv4.tcp_wmem = 4096 65536 56623104<br>
<br>
# Increase number of incoming connections. The value can be raised
to bursts of request, default is 128<br>
net.core.somaxconn = 1024<br>
<br>
# Increase number of incoming connections backlog, default is 1000<br>
net.core.netdev_max_backlog = 50000<br>
<br>
# Maximum number of remembered connection requests, default is 128<br>
net.ipv4.tcp_max_syn_backlog = 30000<br>
<br>
# Increase the tcp-time-wait buckets pool size to prevent simple
DoS attacks, default is 8192<br>
net.ipv4.tcp_max_tw_buckets = 2000000<br>
<br>
# Recycle and Reuse TIME_WAIT sockets faster, default is 0 for
both<br>
net.ipv4.tcp_tw_recycle = 1<br>
net.ipv4.tcp_tw_reuse = 1<br>
<br>
# Decrease TIME_WAIT seconds, default is 30 seconds<br>
net.ipv4.tcp_fin_timeout = 10<br>
<br>
# Tells the system whether it should start at the default window
size only for TCP connections<br>
# that have been idle for too long, default is 1<br>
net.ipv4.tcp_slow_start_after_idle = 0<br>
<br>
# If your servers talk UDP, also up these limits, default is 4096<br>
net.ipv4.udp_rmem_min = 8192<br>
net.ipv4.udp_wmem_min = 8192<br>
</blockquote>
<br>
<blockquote type="cite"># cat 99-vrrp.conf <br>
# For VRRP.<br>
net.ipv4.ip_nonlocal_bind = 1<br>
</blockquote>
<br>
Cybertinus: maybe you can give insight in your kernel tweaks as
well? (Probably very overlapping.)<br>
<br>
Cheers,<br>
Kees<br>
</body>
</html>