Greetings, colleagues, I want to optimize my connection tracking to lower CPU and active connections without reason. I have a ccr2116 running with fasttrack, 5Gbps of traffic and 217,000 connections at peak times.
What do you think about this modification?
What do you think about this modification?
Code:
generic-timeout=3m \ # Reduce from 10 minutes to 3 minutestcp-established-timeout=30m \ # Reduce from 1 day to 30 minutestcp-close-timeout=5m \ # Reduce from 10 minutes to 5 minutestcp-time-wait-timeout=5m \ # Reduce from 10 minutes to 5 minutestcp-syn-sent-timeout=1m \ # Reduce from 5 minutes to 1 minutetcp-syn-received-timeout=1m \ # Reduce from 5 minutes to 1 minutetcp-fin-wait-timeout=5m \ # Keep at 5 minutestcp-last-ack-timeout=5m \ # Keep at 5 minutestcp-close-timeout=5m \ # Keep at 5 minutestcp-max-retransmit-timeout=5m \ # Keep at 5 minutestcp-unacked-timeout=5m \ # Keep at 5 minutesudp-timeout=15s \ # Keep low for ephemeral trafficudp-stream-timeout=3m \ # Keep at 3 minutes for UDP flowsicmp-timeout=10s \ # Keep at 10 secondsStatistics: Posted by jjpc — Thu Jan 30, 2025 6:26 pm