On 2002-07-26 3:23:27, Paul B. Henson wrote: > thanks for the information. I currently have 1GB in the system, but plan to > remove some as I believe that is more than I need and is actually > decreasing the available kernel memory. > > I just wish I could find some way to determine the optimal amount of > memory. Unfortunately, I guess kernel memory management is too complicated > to have a simple formula indicating that for physical memory X you have > available kernel memory Y.
There's no simple formula that I know of, but you can pretty easily find the limit for a given setup. Set all state timeouts to high values, then run a couple of concurrent nmap's through the firewall. Each invocation will rather quickly use up 65k state entries. The panic occurs reliably at a specific point. I have a 320MB machine and the limit is beyond 256k states. If you really need more states, I guess you could try 512MB. :) Daniel
