Re: ip_conntrack: table full, dropping packet

www.piratehosting.net wrote:
512 MB RAM
about 150,000 connections
It's an ircd server with 15 clients at 1024 users each.
I have to keep moving it up as the conntrack doesn't empty



Depending on the Linux kernel you are using... this is a 'known' bug. Red Hat Linux for the 7, 8, 9 series has a patch from netfilter experimental that does not let go of connections. There is also another kernel version that seems to have this issue (2.4.18?) but I can't remember which one it was. Putting on the latest 2.4.x kernel with a clean netfilter patch fixed the problem on our boxes.

--
Stephen John Smoogen	        | CCN-5 Security Team
LANL SIRT Team Leader           | SMTP:  smoogen@xxxxxxxx
Los Alamos National Laboratory  | Voice: 505.664.0645
Ta-03 SM-1498 MS: B255 DP 10S   | FAX:   505.665.7793
Los Alamos, NM 87545            |

