Home Explore Help
Register Sign In
panda
/
Ansible_PUBLIC
1
1
Fork 0
Files Issues 3 Pull Requests 0 Wiki
Browse Source

added nf_conntrack_max to sysctl

panda 1 year ago
parent
9a73ef0946
commit
10f84a064b
1 changed files with 9 additions and 1 deletions
Split View Show Diff Stats
  1. 9 1
      common.yml

+ 9 - 1
common.yml
View File 

@@ -157,7 +157,7 @@
 
         group: root
 
         mode: '0644'
 
 
-    # Set vm.swappiness to 5 in /etc/sysctl.conf
 
+    # Set vm.swappiness to 0 in /etc/sysctl.conf
 
     - name: "Set swappiness to zero in sysctl.conf"
 
       sysctl:
 
         name: vm.swappiness
 
@@ -165,6 +165,14 @@
 
         state: present
 
         reload: yes
 
         sysctl_file: /etc/sysctl.conf
 
+        
+    - name: "Set nf_conntrack_max to 131072 in sysctl.conf, suitable for max 4gb of ram, conntrack_max = RAMSIZE (in bytes)/16384/2 = 4*1024*1024*1024/16384/2 = 4*32768 = 131072"
 
+      sysctl:
 
+        name: net.netfilter.nf_conntrack_max
 
+        value: '131072'
 
+        state: present
 
+        reload: yes
 
+        sysctl_file: /etc/sysctl.conf
 
 
     - name: Disable IPv6 with sysctl
 
       sysctl: name={{ item }} value=1 state=present reload=yes