conntrackd causes kernel panic


Hi,

I'm using conntrackd and keepalived (for a pair of redundant firewalls in
active/backup configuration) and from time to time I experience kernel
panics.
I'm new to conntrackd, so it's likely that I just made some mistakes in my
configuration.

I'm getting these kernel panics when keepalived switches the backup host to 
active.
Manually I can trigger the kernel panic when I execute "conntrackd -c" on the
backup host (sometimes "conntrackd -c" executes successfully, but it crashes
at the latest when I repeat the command a few times).

This is my setup:
* Ubuntu Linux with kernel 2.6.24-18-server
* libnfnetlink 0.0.38 (compiled from sources)
* libnetfilter-conntrack 0.0.94 (compiled from sources)
* conntrack-tools 0.9.7 (compiled from sources)

My conntrackd.conf is attached below.

Does anybody have an idea why I get these crashes and what I could do to avoid 
them?

Best regards,
-Rainer


---- /etc/conntrackd.conf -----
Sync {
        Mode FTFW {
                ResendBufferSize 262144
                CommitTimeout 180
                ACKWindowSize 20
        }
        Multicast {
                IPv4_address 225.0.0.50
                IPv4_interface 10.0.1.204 # IP of dedicated link
                Interface eth0
                Group 3780
        }
        Checksum on
}
General {
        HashSize 8192
        HashLimit 65535
        LockFile /var/lock/conntrack.lock
        UNIX {
                Path /tmp/sync.sock
                Backlog 20
        }
        SocketBufferSize 262142
        SocketBufferSizeMaxGrown 655355
}
IgnoreTrafficFor {
        IPv4_address 127.0.0.1 # loopback
        IPv4_address 10.0.1.203
        IPv4_address 10.0.1.204
        IPv4_address 10.0.0.1
        IPv4_address 10.9.62.1
        IPv4_address 10.9.62.203
        IPv4_address 10.9.62.204
}
IgnoreProtocol {
        ICMP
        IGMP
        VRRP
}
