>Date: Mon, 28 Apr 1997 11:28:45 -0400 From: jonesmd @
newman (Mike Jones)
>Subject: Gauntlet speed?
>I'm looking for anyone who has experience with Gauntlet on a T3
>connection, preferably on SGI hardware.
>Any information will be greatly appreciated. - --
Start with the WebForce server tuning white paper(go to www.sgi.com and
search for WebFORCE Server Tuning), make sure you have the
latest networking, tcp, kernel, bind, rpcbind and all the security patches
loaded BEFORE you install gauntlet. Make sure, even though you have the
latest rpcbind patch installed, that you ARE NOT running rpcbind. Drop
tcp_sendspace and tcp_recvspace (/var/sysgen/master.d/bsd) to the MTU of
your upstream router or 8k , whichever is less. Look at hardcoding mbufs
to at least 1/8 of physical memory. Make sure your keep alive timeout is
set to 10 minutes. Hopefully you have a recent SGI with a >10MB interface
so that the NIC isn't your bottleneck. 96MB of ram is barely enough for a
firewall capable of supporting ~100 users doing http-gw/ftp-gw/smap/mail
forwarding. I would recommend a minimum of 128MB. If you aren't
thouroughly familiar with DNS configuration, hire someone to help you know
before you get yourself into trouble. If ipfilterd isn't running, you have
Other than those suggestions, what is your question?
Eric Kimminau kimminau @