Re: ip_conntrack: table full

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tuesday 17 June 2003 09:01, Farkas Levente wrote:
> hi,
> so my biggest problem is that, when I've got these error and keep
> getting the error, than do wc -l /proc/net/ip_conntrack and it's just
> 300-400 so I assume 48632 is more than enough. am I wrong?

Hmm no not wrong, i am sure that wc -l /proc/net/ip_conntrack represents current contrack
but not so sure the value from /proc/sys/net/ipv4/ip_conntrack_max 
represents numbers of connections, it may represents memory or othere measure units 
of tracked connections ?

	Just try to increase, to test increase cost you nothing
just a little experiment.

	I solved some droping problems by increase /proc/net/ip_conntrack 
so increasing it worked for me.

	Otherwise dont know, maybe it is broken in kernel ?!?

>
> Balint Cristian wrote:
> > On Tuesday 17 June 2003 15:23, Farkas Levente wrote:
> >>hi,
> >>I forgot to mention that it can't be the reason:
> >># cat /proc/sys/net/ipv4/ip_conntrack_max
> >>48632
> >>
> >>Balint Cristian wrote:
> >>>[root@xxxxx root]# cat /proc/sys/net/ipv4/ip_conntrack_max
> >>>8184
> >>>
> >>>It is 8000 entry by default
> >>>
> >>>you can change it:
> >>>[root@xxxxx root]#
> >
> > echo 1024000 > /proc/sys/net/ipv4/ip_conntrack_max
> >
> > try much higher value than 48632 !!!
> >
> >>>Be careful if increase will eat more memory ....
> >>>
> >>>On Tuesday 17 June 2003 14:29, Farkas Levente wrote:
> >>>>hi,
> >>>>we've a fully updated rh8.0 firewall with kernel-2.4.20-18.8,
> >>>>iptables-1.2.6a-2. we got the following error about once a week:
> >>>>-----------------------------------------
> >>>>Jun 13 05:21:41 portal kernel: ip_conntrack: table full, dropping
> >>>> packet. Jun 13 05:21:47 portal last message repeated 10 times
> >>>>Jun 13 05:21:51 portal kernel: NET: 6 messages suppressed.
> >>>>Jun 13 05:21:51 portal kernel: ip_conntrack: table full, dropping
> >>>> packet. Jun 13 05:21:57 portal kernel: NET: 3 messages suppressed.
> >>>>Jun 13 05:21:57 portal kernel: ip_conntrack: table full, dropping
> >>>> packet. -----------------------------------------
> >>>>in this case we cant do anything just reboot the server. the strange is
> >>>>that in this case:
> >>>>wc -l /proc/net/ip_conntrack
> >>>>is about 3-400, while during the normal operation it's about 1000-1500.
> >>>>so I don't know what can be the problem in this case. what can I do to
> >>>>find out the reason for this problem? and how to solve it?
> >>>>thank you for your help in advance.

-- 
Life in itself has no meaning. 
Life is an opportunity to create meaning.

              \|/ ____ \|/ 
              "@'/ .. \`@" 
              /_| \__/ |_\ 
                 \__U_/ 


_______________________________________________
Redhat-devel-list mailing list
Redhat-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/redhat-devel-list

[Index of Archives]     [Kernel Newbies]     [Red Hat General]     [Fedora]     [Red Hat Install]     [Linux Kernel Development]     [Yosemite News]

  Powered by Linux