Tuning EC2 ipsec and nat instances
Working on optimizing NAT and IPSEC kernel settings: ## reference URLs: # https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt # https://www.kernel.org/doc/Documentation/networking/nf_conntrack-sysctl.txt # net.core.rmem_default = 8388608 net.core.rmem_max = 8388608 net.core.wmem_default = 8388608 net.core.wmem_max = 8388608 net.ipv4.ipfrag_high_thresh = 4194304 net.ipv4.ipfrag_high_thresh = 8388608 net.ipv4.ipfrag_low_thresh = 3145728 net.ipv4.ipfrag_low_thresh = 7340032 net.ipv4.ipfrag_max_dist = 64 net.ipv4.ipfrag_secret_interval = 600 net.ipv4.ipfrag_time = 30 net.ipv4.tcp_mem = 8388608 8388608 8388608 net.ipv4.tcp_rmem = 8192 873800 8388608 net.ipv4.tcp_wmem = 8192 873800 8388608 net.ipv4.netfilter.ip_conntrack_log_invalid = 255 net.ipv4.netfilter.ip_conntrack_max = 131072 net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 14400