On Wednesday 24 September 2003 04:44, Walter D. Wyndroski wrote:
> How many connections can be tracked with:
>
> 512 megabytes of RAM?
> 1 gigabyte of RAM?
>
> I know there is a limit. I read it somewhere about eight months ago in some
> obscure location.

From the FAQ page on netfilter.org:

3.6 ip_conntrack: maximum limit of XXX entries exceeded

If you notice the following message in syslog, it looks like the conntrack
database doesn't have enough entries for your environment. Connection tracking
by default handles up to a certain number of simultaneous connections. This
number is dependent on your system's maximum memory size (at 64MB: 4096,
128MB: 8192, ...).

You can easily increase the number of maximal tracked connections, but be
aware that each tracked connection eats about 350 bytes of non-swappable
kernel memory!

To increase this limit to e.g. 8192, type:

echo "8192" > /proc/sys/net/ipv4/ip_conntrack_max

Stef

-- 
stef.coene@xxxxxxxxx
"Using Linux as bandwidth manager"
http://www.docum.org/
#lartc @ irc.openprojects.net
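Added example (not part of the original post or of the netfilter FAQ): a small sh script that turns the FAQ figures quoted above into numbers for the 512 MB and 1 GB cases and reports how full the table is on a running box. The linear scaling of 64 entries per MB is an assumption extrapolated from the two FAQ data points, the function names are hypothetical, and the nf_conntrack paths are the names newer kernels use for the same counters.

```sh
#!/bin/sh
# Added example: sizing and watching the conntrack table from the FAQ figures.
BYTES_PER_ENTRY=350   # FAQ: "about 350 bytes" of non-swappable memory each
ENTRIES_PER_MB=64     # assumption: FAQ points 64MB:4096, 128MB:8192 scale linearly

# Default limit implied by that scaling for a RAM size given in MB.
default_max() { echo $(( $1 * $ENTRIES_PER_MB )); }

# Kernel memory in KiB (rounded up) pinned when N entries are in use.
table_kib() { echo $(( ($1 * $BYTES_PER_ENTRY + 1023) / 1024 )); }

# Largest limit whose full table fits a kernel-memory budget given in MB.
max_for_budget() { echo $(( $1 * 1024 * 1024 / $BYTES_PER_ENTRY )); }

# Fill level of the table: ok, warn (80% or more), or full (limit reached).
fill_state() {
    if [ "$1" -ge "$2" ]; then echo full
    elif [ $(( $1 * 100 / $2 )) -ge 80 ]; then echo warn
    else echo ok
    fi
}

report() {
    for mb in 512 1024; do
        n=$(default_max "$mb")
        echo "${mb}MB RAM: ~$n entries by default, ~$(table_kib "$n") KiB when full"
    done
    # Live check: the path from the post first, then the nf_conntrack names.
    # Skipped silently when connection tracking is not loaded.
    for pair in \
        "/proc/sys/net/ipv4/ip_conntrack_max /proc/sys/net/ipv4/netfilter/ip_conntrack_count" \
        "/proc/sys/net/netfilter/nf_conntrack_max /proc/sys/net/netfilter/nf_conntrack_count"
    do
        set -- $pair
        if [ -r "$1" ] && [ -r "$2" ]; then
            max=$(cat "$1"); cur=$(cat "$2")
            echo "live: $cur/$max entries, state=$(fill_state "$cur" "$max")"
            break
        fi
    done
}
report
```

A "warn" or "full" state is the point at which to raise ip_conntrack_max as shown in the post, after checking with table_kib that the larger table fits in memory that cannot be swapped out.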