----- Original Message ----- From: "Nick Drage" <nickd@xxxxxxxxxxxxxxxxx> To: <netfilter@xxxxxxxxxxxxxxxxxxx> Sent: Wednesday, September 01, 2004 7:47 PM Subject: Re: Problem with TCP > On Wed, Sep 01, 2004 at 07:19:05PM +0530, Rohit Neupane wrote: > > <snip> > > > I have around 350-400 wireless clients with over 10Mbps traffic at peak > > hours. > > These days I have observed some abnormal behavior. > > <snip> > > > The problem is: > > Everything works fine for about 5-10 mins then all of a suddent TCP > > services are not accessable. For some reason TCP times out. However > > at the same time ping,tracerout and dns trace works without any > > problem. > > I suspect you've reached some kind of maximum session count; either in > Linux or in netfilter. I expect you can alter this using sysctl, or > writing directly to /proc, but unhelpfully I can't see where this is > specifically set. > Yes, indeed it seems I have reached some kind of max session count. But I don't know what it is? TCP stack/memory? I don't know. > It might help others solve your problem if you post the result of > > iptstate -s -t | head > > here. Or try > > wc -l /proc/net/ip_conntrack I am not using conntrack at all. > > if "iptstate" isn't installed. Though I'm not *that* familiar with the > contents of ip_conntrack, someone may way to advise on a filter that > will only show the relevant connections. > > -- > mors omnia vincit > Rohit >
