[Nottingham] Linux number of forwarded net connections limit

Dylan Swift dylan.swift at gmail.com
Tue Oct 11 13:33:11 UTC 2011


Hi Martin,

Dusting off the mental cobwebs, I believe the number of ports available in
the kernel by default is 32k (32 * 1024), but that can be increased to 64k
(65535) with the appropriate tuning. However I don't know if this applies to
forwarding or just applications.

It also means that should the number of connections through the gateway be
exceeded, you would also be unable to log in remotely as this would require
another port.

Note I have also only seen this as an issue on servers with massive numbers
of connections (i.e. webservers for popular web sites).


Have you looked into more advanced iptables scripting to see if what you
require is possible?

Cheers
Dylan




On 11 October 2011 14:16, Martin <martin at ml1.co.uk> wrote:

> Folks,
>
> Anyone know this one?
>
>
> For a Linux box acting as a gateway between two networks, how can I
> limit the maximum number of simultaneous connections between the two
> networks? (No NAT, connecting two network segments with different IP
> ranges.)
>
> Or if it is doing NAT, can I limit the maximum number of NAT entries
> to refuse additional connections gracefully?
>
> And... Can I prioritise certain destination ports over others for
> being allowed one of the limited number of forwardings?
>
>
> There is "tc" which is ideal for doing bandwidth management. Is there
> any similar trickery for the maximum number of network
> connections/forwards?
>
> Aside: Out of curiosity, how many simultaneous connections can a Linux
> kernel handle? What is the limiting factor?
>
>
> Cheers,
> Martin



-- 
http://about.me/dylanswift
http://tungle.me/dylanswift
http://emailcharter.org/index.html