❦ 7 mai 2015 13:11 +0100, Neil - HAProxy List
<[email protected]> :
> I'm after a 'definitivish' reference for setting up conntrack
>
> I've been hit by having too small table on some new VMs as ubuntu, by
> default, sizes the table by memory size.
>
> Before that I was completely ignorant of the role of conntrack
>
> Having forced the size got rid off that but leaves me thinking I need
> to understand this better and do I want to track incoming http
> connections at all. Do I just want to conntrack http connections to
> backends?
Do you have a firewall? Otherwise, just don't load the conntrack related
modules (nf_conntrack and friends) or put a simple "iptables -t raw -I
PREROUTING -j NOTRACK" command in a start script.
--
Let the machine do the dirty work.
- The Elements of Programming Style (Kernighan & Plauger)
