I know this has come up in the past but I haven't been able to track down a definitive answer (I'm sure there's a reason why), so I'll ask the question again.
Given a i386 kernel, assume I can toss as much RAM at the box as needed (I know this isn't the limitation, it's a kernel memory issue), what's the maximum I can set the state table size to? I have a couple boxes that are running around 200K states with the limit set at 256K. I expect that I will see a growth in that state table size as the traffic to the servers behind these machines increases during our peak season. I can tune the tcp.closed parameter a bit on the external rules as 75% of these states are fin_wait_2:fin_wait_2, but before I start messing with that I'd rather increase the state limit some more. I can also try adaptive timeouts on those rules, but I'm more than a little paranoid about having the system dynamically change timeout values. Any suggestions on what the max might be and how I can monitor the system to see where I'm at in relationship to the max (if there's no hard number, I'm guessing the number depends on hardware and other system options that affect kernel memory). --Bill
