On November 8, 2003 10:43 pm, Antony Stone wrote:
> On Sunday 09 November 2003 3:08 am, Kishore Dharmavaram wrote:
> > Hi Herald & All,
> >
> > I verified & I find my 2.4.20 is already patched with UNCONFIRMED
> > connections fix.
> >
> > How it possible that /proc/slabinfo shows a lot more ip_conntracks than
> > are shown in "/proc/net/ip_conntrack"?. /proc/slabinfo shows that maximum
> > possible conntracks, 131072, are being currently used but
> > /proc/net/ip_conntrack shows only 21 connections. My box is refusing new
> > connections because max conntracks have reached.
>
> Are you getting any messages "ip_conntrack : table full, dropping packet"
> in your syslog or kernel log output?
>
> If not, how do you know that the box is refusing new connections because
> max conntracks have been reached?
>
if /proc/slabinfo is showing memory OBJECTS not CONNECTIONS.
and 13072 != 131072
I'm not sure what those objects are but as I follow my reading of slabinfo
*all* objects acllocated are counted in htere... I'm not sure what all gets
allocated by ip_conntrack -- developers would be better at that
> Antony.
--
Alistair Tonner
nerdnet.ca
Senior Systems Analyst - RSS
Any sufficiently advanced technology will have the appearance of magic.
Lets get magical!
