Hi,
Am 17.03.2020 um 16:02 schrieb Julian Anastasov: >>> Yes, when nf_conntrack is used it would be better to >>> set /proc/sys/net/ipv4/vs/conntrack to 1, as reported by different >>> users, for example: >>> >>> https://marc.info/?t=134728825000003&r=1&w=2 >>> >>> In this case, you have to increase nf_conntrack_max sysctl var >>> to allow the desired number of conntracks to be created. >>> >> Ok, i will give it a try. nf_conntrack_max is set to 262144 (default?). >> I would set it to 1024000. Do you have any recommondation for this >> value? ip_vs_conn shows 18753 entries. > > Make sure nf_conntrack_count does not reach the nf_conntrack_max > value. > Done. At the moment about 2400 VPN Clients are connected but nf_conntrack_count is still 0. nf_conntrack_max is set on module load but net.ipv4.vs.conntrack=1 is set AFTER ipvs config is loaded. VPN is only UDP500/4500. regards Marco _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org Send requests to lvs-users-requ...@linuxvirtualserver.org or go to http://lists.graemef.net/mailman/listinfo/lvs-users
