Optimizations (tuning)

From Tech-Wiki
Revision as of 16:11, 11 July 2016 by Fabricio.Lima (Talk | contribs) (Created page with "Category:Fortinet You can improving memory usage to avoid entering into conserve mode. Session timer optimizations
 config system global set tcp-halfclose-timer 30...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


You can improving memory usage to avoid entering into conserve mode.

Session timer optimizations
 

config system global
  set tcp-halfclose-timer 30   [ default 120 s ]
  set tcp-halfopen-timer 10    [ default 60 s ]
  set tcp-timewait-timer 0     [ default 120 s ]
  set udp-idle-timer 40        [ default 180 s ]
end
config system session-ttl
   set default 180             [ default 300 ]
config port
  edit 0
      set protocol 17
      set timeout 10
      set end-port 53
      set start-port 53
  end
end

Reduce the FortiGuard services for the cache 

config system fortiguard
  set webfilter-cache-ttl 500 [ default 3600 ]
  set antispam-cache-ttl 500  [ default 1800 ]
end

DNS cache optimization 

config system dns
  set dns-cache-limit 300     [ default: 5000 ]
end

Disable options for DNS forwarding 

config system dns
  unset fwdintf
end

Delete dns-udp session-helper 

config system session-helper
  delete 14     [ 14 is references number for dns-udp ]
end

Reduce the maximum file size for antivirus scanning 

Go to Policy > Proxy Options > Common Options > Change: Amount (bytes)

Limit the space allocated for WAN optimization to 20GB 

config wanopt storage
 edit Internal
 set size 20000
end

Specify amount of disk reserved for log 

config log disk setting
 set log-quota 10240
Retrieved from ‘http://tech-wiki.net/index.php?title=Optimizations_(tuning)&oldid=536