what is the max allowable value for ip_conntrack_max. ?? Regards Zuhair.
----- Original Message ----- From: "Sthitaprajna" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, December 01, 2002 12:26 PM Subject: Re: [LIH]Iptables > On 12/01/02 at 10:28 AM mukund spake thusly: > > >I have recently implemented transparent proxy on a PIII 1GB RAM, 3x20 GB > >SCSI disk for DOT. > >The squid is running quite well and catering to 300 active user with total > >bandwidth of 3.5 MBPS. > >When the load increases to about 4 MBPS, the kernel gives the message that > >Iptables are full and starts dropping packets. > >1. Is it due to system ram? > >2. OR I need to tweak the iptables. > >The iptables are used to divert the traffic from port 80 to post 3128 > > > > Hi > > It might be that Squid is establishing a lot of NAT connections and keeping > then open even after they have been serviced. See teh output of cat > /proc/net/ip_conntrack, if it is a large file, or it shows many connections > as "established" when they should have been dropped, it'll make sense to > increase teh value of ip_conntrack_max in > /proc/sys/net/ipv4/ip_conntrack_max. > > Rgds > -- > > > > > ------------------------------------------------------- > This SF.net email is sponsored by: Get the new Palm Tungsten T > handheld. Power & Color in a compact size! > http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en > _______________________________________________ > linux-india-help mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/linux-india-help > > ------------------------------------------------------- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
