Hi!
I use iptables to do NAT in the NIC of my Univ.
About 2000 computers connect to intranet and need to do NAT.
I use an HP server with 128M RAM, a P3 1.2G CPU (only 1, not SMP), RedHat Linux 9.0
with iptables 1.2.8.
I set up iptables to use only NAT and ip_conntrack (and ftp support).
When iptables is running, everything seems to work well.
But soon, these messages are posted:
"ip_tables: Neighbor Table Overflow!" and "ip_conntrack: table full,
dropping"
My question is:
1. How many conntracks does ip_conntrack support given my server? How
do I increase it?
2. I have checked the source code of ip_tables, but can't find the
routine that posts the first message. Please tell me what causes it and how to
solve it.
Thanks a lot!