- 论坛徽章:
- 0
|
雕虫小技,只是发现没有这方面的帖子。才写出来和大家分享。
前言:
一日,和同学吃饭。他谈及这个问题,我愤愤地说是腾讯的公司的服务器有问题。勿之。翌日,查资料发现系我的错。歉之,而后作。
正文:
查相关资料得到Solaris 9 下IPF的默认配置:
ipf.fr_flags: 0
ipf.fr_pass: 514
ipf.fr_active: 0
ipf.fr_tcpidletimeout: 864000
ipf.fr_tcpclosewait: 480
ipf.fr_tcplastack: 480
ipf.fr_tcptimeout: 480
ipf.fr_tcpclosed: 120
ipf.fr_tcphalfclosed: 14400
ipf.fr_udptimeout: 240
ipf.fr_udpacktimeout: 24
ipf.fr_icmptimeout: 120
ipf.fr_icmpacktimeout: 12
ipf.fr_defnatage: 1200
ipf.fr_ipfrttl: 120
ipf.ipl_unreach: 13
ipf.fr_running: 1
ipf.fr_authsize: 32
ipf.fr_authused: 0
ipf.fr_defaultauthage: 600
ipf.fr_chksrc: 0
ipf.ippr_ftp_pasvonly: 0
ipf.fr_minttl: 3
ipf.fr_minttllog: 1
QQ延时和IPF的timeout的设置有关系,同时为了加速加了如下的设置:
bash-2.05# vi /etc/sysem
* ipf: adjust the default tcp timeouts downward so that
* idle (dead) and half closed states get killed off quicker.
set ipf:fr_tcpidletimeout = 172800
set ipf:fr_tcphalfclosed = 7200
*
* ipf: adjust the state table sizes so we have enough buckets.
* IPSTATE_MAX (=fr_statemax) should be ~70% of IPSTATE_SIZE
* IPSTATE_SIZE (=fr_statesize) has to be a prime number
set ipf:fr_statemax = 7000
set ipf:fr_statesize = 10009
*
* ipf: adjust the NAT table sizes so we have enough buckets.
* generally you have fewer than 127 rules in ipnat.conf
* so no need to waste memory for more.
set ipf:ipf_nattable_sz = 10009
set ipf:ipf_natrules_sz = 127
set ipf:ipf_rdrrules_sz = 127
*
* note that the timers run "2 ticks to a second", so
* for example, written below is the following:
* set ipf:fr_tcpidletimeout = 172800
* this sets the tcp idle connection timeout to
* (172800/2) / 3600 = 24 hours.
*
set ipf:fr_udptimeout=2400
set ipf:fr_udpacktimeout=240
bash-2.05# init 6
QQ 工作正常。 |
|
免费注册
发表于 2005-05-18 12:12