<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML ><HEAD ><TITLE >( Requirements ) - What are the minimum hardware requirements and any limitations for IP Masquerade? How well does it perform?</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK REL="HOME" TITLE="Linux IP Masquerade HOWTO" HREF="index.html"><LINK REL="UP" TITLE="Frequently Asked Questions" HREF="faq.html"><LINK REL="PREVIOUS" TITLE="( Distro ) - What Linux Distributions support IP Masquerading?" HREF="masq-supported-distributions.html"><LINK REL="NEXT" TITLE='( Errors ) - When I run my specific rc.firewall-* ruleset, I get "command not found" errors. Why?' HREF="faq-command-not-found.html"></HEAD ><BODY CLASS="SECT1" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="3" ALIGN="center" >Linux IP Masquerade HOWTO</TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="bottom" ><A HREF="masq-supported-distributions.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="80%" ALIGN="center" VALIGN="bottom" >Chapter 7. Frequently Asked Questions</TD ><TD WIDTH="10%" ALIGN="right" VALIGN="bottom" ><A HREF="faq-command-not-found.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="SECT1" ><H1 CLASS="SECT1" ><A NAME="FAQ-HARDWARE" ></A >7.2. ( Requirements ) - What are the minimum hardware requirements and any limitations for IP Masquerade? How well does it perform?</H1 ><P >A 486/66 box with 16MB of RAM was more than sufficient to fill a 1.54Mb/s T1 100%! MASQ has also been known to run quite well on 386SX-16s with 8MB of RAM. Yet, it should be noted that Linux IP Masquerade starts thrashing the system with more than 500 MASQ entries. </P ><P >The only application that I know which can temporarily break Linux IP Masquerade, is GameSpy. Why? When it refreshes its lists, it creates 10,000s of quick connections in a VERY short period of time. Until these sessions timeout, the MASQ tables become "FULL". See <A HREF="no-free-ports.html" >Section 7.23</A > of the FAQ for more details.</P ><P >While we are at it:</P ><P >There is a hard limit of 4096 concurrent connections each for TCP & UDP. This limit can be changed by fiddling the values in <STRONG >/usr/src/linux/net/ipv4/ip_masq.h</STRONG > - a maximum limit of 32000 should by OK. If you want to change the limit - you need to change the PORT_MASQ_BEGIN & PORT_MASQ_END values to get an appropriately sized range above 32K and below 64K.</P ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="masq-supported-distributions.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="faq-command-not-found.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >( Distro ) - What Linux Distributions support IP Masquerading?</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="faq.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >( Errors ) - When I run my specific rc.firewall-* ruleset, I get "command not found" errors. Why?</TD ></TR ></TABLE ></DIV ></BODY ></HTML >