Need to improve named performance

G.W. Haywood bind at
Mon Nov 12 12:58:52 UTC 2012

Hi there,

On Mon, 12 Nov 2012, Ed LaFrance wrote:

> ... No idea on ip_conntrack. How do I check and if so, what setting
> should I try and how do I do it?

Look for something like


and cat it to the terminal.  It will just be a number (it's in seconds)
and it's probably 432000 at the moment.  You (root) can change it for
example to one hour by the command

/bin/echo 3600 > /proc/sys/net/netfilter/ip_conntrack_tcp_timeout_established

If it's to persist across a reboot you'll need to put the command in a
startup script such as rc.local or find out where the default settings
are in your system and tweak it there.

"something like" means that the name of the (virtual) file has changed
over the years and it might now be nf_conntrack_tcp_timeout_established
on your system.

Search the Web for this setting - it's a very specific term - and
you'll find that there are many other ways to tinker with TCP/IP. :)



More information about the bind-users mailing list