http://www.checkpoint.com/techsupport/documentation/FW-1_VPN-1_performance.html
This guide combines the Solaris performance and security tuning guides, but focuses specifically on the settings that effect your firewall performance.
Settings like:
- Tuning the STREAMS queues for high-throughput VPN-1 gateways
- set sq_max_size = 100 (for a Solaris gateway with 256MB RAM)
- Tuning the TCP hiwater parameters for maximal throughput
- ndd -set /dev/tcp tcp_xmit_hiwat 65535 (default 8192)
- ndd -set /dev/tcp tcp_recv_hiwat 65535 (default 8192)
- Tuning the TCP Slow Start and TCP queue sizes
- set tcp:tcp_conn_hash_size = 16384
- ndd -set /dev/tcp tcp_slow_start_initial 2 (default 1)
- ndd -set /dev/tcp tcp_conn_req_max_q 1024 (default 128)
- ndd -set /dev/tcp tcp_conn_req_max_q0 4096 (dafault 1024)
- ndd -set /dev/tcp tcp_time_wait_interval 60000 (default 240000)
No comments:
Post a Comment