Freephile Wiki

Netdata: Difference between revisions

Browse history interactively
← Older editNewer edit →
VisualWikitext
add references section
m Text replacement - "<(\/?)source" to "<$1syntaxhighlight"
Tags: Mobile edit Mobile web edit
Line 33: Line 33:
   
   
=== HAProxy ===
=== HAProxy ===
<source lang="python">
<syntaxhighlight lang="python">
frontend netdata  
frontend netdata  
         bind *:20000 ssl crt /etc/haproxy/certs/wiki.freephile.org.pem
         bind *:20000 ssl crt /etc/haproxy/certs/wiki.freephile.org.pem
Line 41: Line 41:
backend netdata-back  
backend netdata-back  
         server nd1 127.0.0.1:19999
         server nd1 127.0.0.1:19999
</source>
</syntaxhighlight>


=== Kernel ===
=== Kernel ===
Line 92: Line 92:
Also, you should modify your firewall to drop invalid packets before they're either counted (by netstats) or dropped (by the kernel).
Also, you should modify your firewall to drop invalid packets before they're either counted (by netstats) or dropped (by the kernel).


<source lang="bash">
<syntaxhighlight lang="bash">
iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
ip6tables -A INPUT -m conntrack --ctstate INVALID -j DROP
ip6tables -A INPUT -m conntrack --ctstate INVALID -j DROP
iptables -A INPUT -m tcp -p tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j DROP
iptables -A INPUT -m tcp -p tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j DROP
ip6tables -A INPUT -m tcp -p tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j DROP
ip6tables -A INPUT -m tcp -p tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j DROP
</source>
</syntaxhighlight>


Following the advice from NASA at https://wiki.earthdata.nasa.gov/display/HDD/SOMAXCONN, I increased my somaxconn kernel parameter to 1024 from 128
Following the advice from NASA at https://wiki.earthdata.nasa.gov/display/HDD/SOMAXCONN, I increased my somaxconn kernel parameter to 1024 from 128
<source lang="bash">
<syntaxhighlight lang="bash">
  cat /proc/sys/net/core/somaxconn
  cat /proc/sys/net/core/somaxconn
  128
  128
  sysctl -w net.core.somaxconn=1024
  sysctl -w net.core.somaxconn=1024
</source>
</syntaxhighlight>


[[File:Tcp state diagram fixed.svg|600px|TCP State diagram]]
[[File:Tcp state diagram fixed.svg|600px|TCP State diagram]]
Retrieved from "https://wiki.freephile.org/wiki/Netdata"