Stuart Henderson [stu@spacehopper.org] wrote:
>
> Oh watch out with sloppy. Keep an eye on your state table size.
Really? Wouldn't sloppy keep the state table smaller if anything since it's tracking less specifically?
Anyways I use sloppy across four boxes that run in parallel with pfsync. There could easily be 10,000 devices behind it at any given time. I keep my state table limit at 1,000,000. It's around 300,000 during this lighter traffic period today. I had to do sloppy after moving to several boxes in parallel, I didn't notice sloppy making any significant difference?
Chris
No comments:
Post a Comment