06-27-2014 07:33 AM - edited 06-27-2014 08:48 AM
Any recommendations for an ER-Pro that will have possibly hundreds of thousands of connections going through it for NAT?
Currently I have 14,990 entries... at peak I've seen this as high as 18,000. Any tweaks to make this work right? In the past I've seen it lock up (no traffic passed until - I assume, conntracks cleared).
06-27-2014 08:59 AM
Maybe time to do some kernel tuning. Getting any kernel error messages (OOM, etc.)?
06-27-2014 09:30 AM
If you haven't tweaked any of the "system conntrack" settings, you can try those, for example, "set system conntrack table-size 262144". There are also "hash-size" (default might be fine) and "expect-table-size".