174 lines
3.5 KiB
HTML
174 lines
3.5 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
|
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>( Requirements ) - What are the minimum hardware requirements and any
|
|
limitations for IP Masquerade? How well does it perform?</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
|
|
REL="HOME"
|
|
TITLE="Linux IP Masquerade HOWTO"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="Frequently Asked Questions"
|
|
HREF="faq.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="( Distro ) - What Linux Distributions support IP Masquerading?"
|
|
HREF="masq-supported-distributions.html"><LINK
|
|
REL="NEXT"
|
|
TITLE='( Errors ) - When I run my specific rc.firewall-* ruleset, I get
|
|
"command not found" errors.
|
|
Why?'
|
|
HREF="faq-command-not-found.html"></HEAD
|
|
><BODY
|
|
CLASS="SECT1"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
SUMMARY="Header navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Linux IP Masquerade HOWTO</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="masq-supported-distributions.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
>Chapter 7. Frequently Asked Questions</TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="faq-command-not-found.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="SECT1"
|
|
><H1
|
|
CLASS="SECT1"
|
|
><A
|
|
NAME="FAQ-HARDWARE"
|
|
></A
|
|
>7.2. ( Requirements ) - What are the minimum hardware requirements and any
|
|
limitations for IP Masquerade? How well does it perform?</H1
|
|
><P
|
|
>A 486/66 box with 16MB of RAM was more than sufficient to fill a 1.54Mb/s T1
|
|
100%! MASQ has also been known to run quite well on 386SX-16s with 8MB of
|
|
RAM. Yet, it should be noted that Linux IP Masquerade starts thrashing the
|
|
system with more than 500 MASQ entries. </P
|
|
><P
|
|
>The only application that I know which can temporarily break Linux IP
|
|
Masquerade, is GameSpy. Why? When it refreshes its lists, it creates 10,000s
|
|
of quick connections in a VERY short period of time. Until these sessions
|
|
timeout, the MASQ tables become "FULL". See <A
|
|
HREF="no-free-ports.html"
|
|
>Section 7.23</A
|
|
> of
|
|
the FAQ for more details.</P
|
|
><P
|
|
>While we are at it:</P
|
|
><P
|
|
>There is a hard limit of 4096 concurrent connections each for TCP & UDP.
|
|
This limit can be changed by fiddling the values in <STRONG
|
|
>/usr/src/linux/net/ipv4/ip_masq.h</STRONG
|
|
> - a maximum limit of 32000 should
|
|
by OK. If you want to change the limit - you need to change the PORT_MASQ_BEGIN
|
|
& PORT_MASQ_END values to get an appropriately sized range above 32K and
|
|
below 64K.</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
SUMMARY="Footer navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="masq-supported-distributions.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
ACCESSKEY="H"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="faq-command-not-found.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>( Distro ) - What Linux Distributions support IP Masquerading?</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="faq.html"
|
|
ACCESSKEY="U"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>( Errors ) - When I run my specific rc.firewall-* ruleset, I get
|
|
"command not found" errors.
|
|
Why?</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |