On Fri, Feb 11, 2005 at 01:07:36PM +0000, Jason Opperisano wrote: > > On Fri, 2005-02-11 at 05:55, Piotrek Kaczmarek wrote: > > Hi, > > I encountered the following situation - when there are around 20000 connections > > "cat /proc/net/ip_conntrack" doesn't display all connections and outputs > > "cat: No space left on device" error. If I patch kernel with POM and 'nth' module > > (only patch, don't load the module) the same happens around 17000 connections. > > It happenes both with 2.6.9 and 2.6.10 kernels. > > > > Why is it so? Is this matter of memory limit or something else? > > what does: > > sysctl net.ipv4.netfilter.ip_conntrack_max > > say? i don't suppose it would be quite that simple, but might as well > start there. # sysctl net.ipv4.netfilter.ip_conntrack_max net.ipv4.netfilter.ip_conntrack_max = 30000 -- Piotr Kaczmarek
