kernel: scale nf_conntrack_max more reasonably
author Vincent Pelletier <plr.vincent@gmail.com>
Sat, 19 Feb 2022 02:06:23 +0000 (02:06 +0000)
committer Rui Salvaterra <rsalvaterra@gmail.com>
Thu, 11 Aug 2022 20:54:09 +0000 (21:54 +0100)
commit 0855549b4bdfb7ff0aacfcfe888919c4060ed102
tree ddd7a97ad1b79970a826d7f573b15476c7c0f07b
parent 0179ba7851631416c6f095a9bdd22377d68a0455
kernel: scale nf_conntrack_max more reasonably

Use the kernel's built-in formula for computing this value.
The value applied by OpenWRT's sysctl configuration file does not scale
with the available memory, under-using hardware capabilities.
Also, that formula influences net.netfilter.nf_conntrack_buckets,
which should improve conntrack performance on average (fewer connections
per hashtable bucket).

Backport upstream commit for its effect on the number of connections per
hashtable bucket.

Apply a hack patch to set the RAM size divisor to a more reasonable value (2048,
down from 16384) for our use case, a typical router handling several thousands
of connections.

Signed-off-by: Vincent Pelletier <plr.vincent@gmail.com>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit 15fbb916669dcdfcc706e9e75263ab63f9f27c00)
package/kernel/linux/files/sysctl-nf-conntrack.conf
target/linux/generic/backport-5.10/612-v5.15-netfilter-conntrack-sanitize-table-size-default-sett.patch [new file with mode: 0644]
target/linux/generic/hack-5.10/661-kernel-ct-size-the-hashtable-more-adequately.patch [new file with mode: 0644]