Ben's notes

Linux, Unix, network, radio...

User Tools

Site Tools

Trace:
centos7_firewall_high_traffic_ntp

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
centos7_firewall_high_traffic_ntp [2015/09/03 12:20] admincentos7_firewall_high_traffic_ntp [2015/09/15 12:04] – [Disable connection tracking in RouterOS (Mikrotik)] admin
Line 3: Line 3:
  
 =====CentOS 7 - high traffic NTP and netfilter===== =====CentOS 7 - high traffic NTP and netfilter=====
-It was not so trivial (for me) to modify firewalld for a high traffic NTP sever. The default firewalld ntp service uses connection tracking. Something you don't want when managing high traffic. This page describes how to disable connection tracking.+The default firewalld ntp service uses connection tracking. Something you don't want when managing high traffic. This page describes how to disable connection tracking.
  
 {{::nf_conntrack.png?nolink|nf_contrack count percentage}}\\ {{::nf_conntrack.png?nolink|nf_contrack count percentage}}\\
Line 64: Line 64:
 net.netfilter.nf_conntrack_count = 2 net.netfilter.nf_conntrack_count = 2
 net.netfilter.nf_conntrack_max = 65536</code> net.netfilter.nf_conntrack_max = 65536</code>
 +====Disable connection tracking in RouterOS (Mikrotik)====
 +  * Add [[http://wiki.mikrotik.com/wiki/Manual:Fast_Path|fasttrack action]] before accepting connection.
 +
centos7_firewall_high_traffic_ntp.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1