Subject: Re: IFQ_MAXLEN: How large can it be?
To: None <>
From: Manuel Bouyer <>
List: tech-net
Date: 11/15/2006 11:31:45
On Wed, Nov 15, 2006 at 08:57:01AM +0100, Christoph Kaegi wrote:
> Hello list
> Thanks to the help of Manuel, I found the above mentionned
> setting which defines the size of the (per-adapter?) IP input
> queue.
> So I bumped this number on our quite busy firewall up from 256 
> to 1024 and later to 4096, but I still get 1'026'678 dropped 
> packets during 8 days uptime.
> - What are the side effects of increasing this value even more?
> - Can I safely set it to 8192 or 16384 without getting into 
>   other troubles?
> - I guess I could also just use values of 8000, 10000 or 20000
>   isn't it?
> - Also, is this value number of packets or number of bytes
>   or something else?
> I have NMBCLUSTERS=65536 at the moment, btw.

This is the number of packets per interface. You can count one mbuf cluster
(2k) per packet, so you have to make sure that
- NMBCLUSTERS is larger than IFQ_MAXLEN * num_interfaces (if you know you
  have mostly-idle interfaces, maybe you can change this to
  IFQ_MAXLEN * num_busy_interfaces + some_more)
- you have enough ram to hold that much NMBCLUSTERS (a mbuf cluser is 2k),
  as this memory can't be paged out.

Manuel Bouyer, LIP6, Universite Paris VI. 
     NetBSD: 26 ans d'experience feront toujours la difference