Skip to content
Snippets Groups Projects
Verified Commit 4816adb6 authored by Evangelos Foutras's avatar Evangelos Foutras :smiley_cat:
Browse files

common: bump nf_conntrack_max to 256k on redirect


The traffic hitting ping.archlinux.org has lately been exhausting its
default nf_conntrack_max limit of 64k. Bump it to 256k (which is also
the default limit found on systems with more than 4G of memory).

Suggested-by: default avatarKristian Klausen <kristian@klausen.dk>
parent 179882ee
No related branches found
No related tags found
1 merge request!634common: bump nf_conntrack_max to 256k on redirect
Pipeline #32233 passed
......@@ -4,3 +4,6 @@ wireguard_public_key: n11Ps2sc0Cxsi1sLaYFq7dkhlDtTnOZCGovRYbzDGR8=
ipv4_address: "95.216.195.133"
ipv6_address: "2a01:4f9:c010:2636::1"
# The default limit of 65536 is too small to handle ping.archlinux.org traffic
nf_conntrack_max: 262144
......@@ -76,6 +76,14 @@
sysctl_file: /etc/sysctl.d/net.conf
when: tcp_wmem is defined
- name: Configure size of connection tracking table
sysctl:
name: net.netfilter.nf_conntrack_max
value: "{{ nf_conntrack_max }}"
sysctl_set: true
sysctl_file: /etc/sysctl.d/net.conf
when: nf_conntrack_max is defined
- name: Create drop-in directories for systemd configuration
file: path=/etc/systemd/{{ item }}.d state=directory owner=root group=root mode=0755
loop:
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment