kernel: scale nf_conntrack_max more reasonably
author Vincent Pelletier <plr.vincent@gmail.com>
Sat, 19 Feb 2022 02:06:23 +0000 (02:06 +0000)
committer Rui Salvaterra <rsalvaterra@gmail.com>
Fri, 1 Apr 2022 12:23:41 +0000 (13:23 +0100)
commit 15fbb916669dcdfcc706e9e75263ab63f9f27c00
tree 57fdbd70407d0a5f1fb49b5f2942ecbfbe1c3898
parent 56ce110b73970bcd65d309440baada84c8e1504b

Use the kernel's built-in formula for computing this value.
The value applied by OpenWRT's sysctl configuration file does not scale
with the available memory, under-using hardware capabilities.
Also, that formula influences net.netfilter.nf_conntrack_buckets,
which should improve conntrack performance on average (fewer connections
per hashtable bucket).

Backport upstream commit for its effect on the number of connections per
hashtable bucket.

Apply a hack patch to set the RAM size divisor to a more reasonable value (2048,
down from 16384) for our use case, a typical router handling several thousands
of connections.

Signed-off-by: Vincent Pelletier <plr.vincent@gmail.com>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
package/kernel/linux/files/sysctl-nf-conntrack.conf
target/linux/generic/backport-5.10/612-v5.15-netfilter-conntrack-sanitize-table-size-default-sett.patch [new file with mode: 0644]
target/linux/generic/hack-5.10/661-kernel-ct-size-the-hashtable-more-adequately.patch [new file with mode: 0644]
target/linux/generic/hack-5.15/661-kernel-ct-size-the-hashtable-more-adequately.patch [new file with mode: 0644]
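
The sizing rule the commit message refers to, worked through for typical router RAM sizes with both divisors. This is an added example, not code from the commit or from the kernel. It assumes the default sizing in `nf_conntrack_init_start()` after the v5.15 backport (a floor of 1024 buckets, fixed bucket counts above 1 GiB and 4 GiB, and `nf_conntrack_max` equal to the bucket count), that the hack patch changes only the divisor, and that a byte count stands in for the kernel's `totalram_pages`; `ct_default_sizes` and `struct ct_sizes` are hypothetical names.

```c
/* Added example: default conntrack table sizes as a function of RAM. */
#include <stdint.h>
#include <stdio.h>

#define MIB (1024ULL * 1024)
#define GIB (1024ULL * MIB)

struct ct_sizes {
    uint64_t buckets; /* net.netfilter.nf_conntrack_buckets */
    uint64_t max;     /* net.netfilter.nf_conntrack_max */
};

/* ram_bytes: usable RAM (assumption: stands in for totalram_pages << PAGE_SHIFT)
 * divisor:   16384 upstream, 2048 per the commit message
 * ptr_size:  sizeof(struct hlist_head), one pointer (4 or 8 bytes) */
static struct ct_sizes ct_default_sizes(uint64_t ram_bytes, unsigned divisor,
                                        unsigned ptr_size)
{
    struct ct_sizes s;

    s.buckets = ram_bytes / divisor / ptr_size;
    /* Assumed upstream fixed sizes for large-memory hosts. */
    if (ptr_size >= 8 && ram_bytes > 4 * GIB)
        s.buckets = 262144;
    else if (ram_bytes > GIB)
        s.buckets = 65536;
    /* Assumed upstream floor for very small devices. */
    if (s.buckets < 1024)
        s.buckets = 1024;
    /* Assumed max factor of 1: one tracked connection per bucket. */
    s.max = s.buckets;
    return s;
}

int main(void)
{
    const uint64_t ram_mib[] = { 32, 64, 128, 256, 512, 2048 };
    size_t i;

    printf("%8s %14s %14s\n", "RAM MiB", "max (/16384)", "max (/2048)");
    for (i = 0; i < sizeof(ram_mib) / sizeof(ram_mib[0]); i++) {
        /* 32-bit pointers, as on many router SoCs (assumption). */
        struct ct_sizes up = ct_default_sizes(ram_mib[i] * MIB, 16384, 4);
        struct ct_sizes hk = ct_default_sizes(ram_mib[i] * MIB, 2048, 4);
        printf("%8llu %14llu %14llu\n", (unsigned long long)ram_mib[i],
               (unsigned long long)up.max, (unsigned long long)hk.max);
    }
    return 0;
}
```

Under these assumptions the divisor only matters at or below 1 GiB of RAM, and the values are boot-time defaults that an explicit sysctl setting still overrides.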