Am 11.11.2010 16:35, schrieb Eric Dumazet: > Le jeudi 11 novembre 2010 Ã 16:00 +0100, Jan Kasprzak a Ãcrit : >> Hello, >> >> I have a iptables-based firewall with ~1200 IPv4 and ~950 IPv6 rules. >> When I want to reload its configuration, I often get "Resource temporarily >> unavailable" error from iptables. >> >> I have a HA setup with two servers, and the error more often happens on >> a server with four cores and 2 GB of RAM than on a server with two cores >> and 4 GB of RAM. >> >> I have added a band-aid fix to my startup script - sleeping for one second >> and trying again when the error code from iptables is 4, and it apparently >> helps. But the error messages from the startup script are still a bit ugly. >> What else can I do in order to fix the problem? > > Hi > > Please provide > > cat /proc/meminfo > > Also please apply this patch : > > http://git2.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=6b1686a71e3158d3c5f125260effce171cc7852b This problem is usually caused by manipulating the ruleset from multiple iptables instances concurrently. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
