On Tue, 2007-09-11 at 13:43 -0400, Ken Price wrote: > >> My best tip for tuning performance: > >> > >> Don't until performance becomes an issue otherwise you have no > >> basis of determining whether performance has improved. > > > > Let me add a second tip: > > > > Don't tune a parameter unless you know what is does. > > > > While probably not popular, those are very good tips. > > I can give you some comparative performance info using CentOS3 and > CentOS4. CentOS5 will probably give equal or slightly better > performance depending on specific configurations. > > Harware: > 4 Dell PowerEdge 350's (2 routers, 2 NAT firewalls) > PIII-850 > 512 Mb RAM > > Bandwidth: > Average 25-35Mbps > Peak 80Mbps sustained for 1-2 hours > 10k-25k connections > > NAT Firewall: > CPU usage approx 2-8% > > Router: > CPU usage approx 2-4% > > With the above specs, I was approaching the connection threshold with > 512Mb RAM (32768 = theoretical max) and beginning to drop connections. > This was quickly fixed by adding an additional 512Mb RAM and > adjusting the CONNTRACK_MAX accordingly. > > Hope this helps. All boxes were running Keepalived for failover. > Fairly straight forward routing so no software used except routing > tables, IP, and IP forwarding. > > Hope this helps! > -Ken > Ken, In your configuration did you tune any sysctl settings or leave with defaults? Graham Johnston Manager, Network Services Westman Communications Group 204.571.7225 johnstong at westmancom.com