> of my eye, mostly < 2000). Periodically, they will spike to well over 32768
> for minutes at a time. The default conntrack limit (nf_conntrack_max) for
> 512MB was like 16384, and this was pretty easy to hit. I've bumped it up to
> 32768 and decreased many timeouts, and there are still several times a day
> where this is reached. The few times that I was able to tcpdump the
> interface when the connection count was high, I only saw NTP traffic,
> nothing looked like it was a DDoS or hacking (99% being NTP client/server
> packets), so my guess is that something got rebooted and maybe tons of
> devices are all hitting the box at once? Not sure, have been limited in that
iptables(8) writes:
    NOTRACK
        This target disables connection tracking for all packets
        matching that rule.
        It can only be used in the raw table.
What about this?
Cheers
Gabor
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
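As an added example (not from the thread or the NTP pool project), here is what the NOTRACK suggestion looks like as a loadable rule set for an NTP server. The raw-table rules stop client requests to UDP/123 and our replies from UDP/123 from ever creating nf_conntrack entries, so a burst of rebooted clients no longer eats into nf_conntrack_max. The accompanying filter-table inserts are needed because untracked packets do not match `--ctstate ESTABLISHED,RELATED`; a firewall that only accepts tracked traffic would otherwise drop them. The port, the `apply` argument and the helper names are this example's own choices; the script assumes a Linux host with iptables and iptables-restore installed.

```shell
#!/bin/sh
# Added example: exempt NTP (UDP/123) from connection tracking with NOTRACK.
# Rules are emitted as an iptables-restore fragment so they can be reviewed
# before being loaded; "apply" loads them with --noflush so existing rules stay.

# Raw table: NTP requests to us and our replies bypass conntrack entirely.
# (This assumes the host is acting as an NTP server; an NTP client would
# instead exempt --dport 123 in OUTPUT and --sport 123 in PREROUTING.)
ntp_notrack_raw_rules() {
    cat <<'EOF'
*raw
-A PREROUTING -p udp --dport 123 -j NOTRACK
-A OUTPUT -p udp --sport 123 -j NOTRACK
COMMIT
EOF
}

# Filter table: untracked packets never match --ctstate ESTABLISHED,RELATED,
# so they need explicit accepts inserted ahead of any stateful rules.
ntp_notrack_filter_rules() {
    cat <<'EOF'
*filter
-I INPUT -p udp --dport 123 -j ACCEPT
-I OUTPUT -p udp --sport 123 -j ACCEPT
COMMIT
EOF
}

# Both fragments together, in the form iptables-restore consumes.
ntp_notrack_rules() {
    ntp_notrack_raw_rules
    ntp_notrack_filter_rules
}

# How many conntrack entries currently involve UDP/123 (0 if the table is
# unavailable). After the rules are loaded and old entries time out, this
# should drop to 0 while nf_conntrack_count stops tracking the NTP load.
ntp_conntrack_entries() {
    awk '/udp/ && /dport=123 / { n++ } END { print n + 0 }' \
        /proc/net/nf_conntrack 2>/dev/null || echo 0
}

case "${1:-show}" in
    show)
        ntp_notrack_rules
        ;;
    apply)
        # Requires root. --noflush appends/inserts without wiping other tables.
        ntp_notrack_rules | iptables-restore --noflush
        echo "NTP conntrack entries now: $(ntp_conntrack_entries)" \
             "(max $(cat /proc/sys/net/netfilter/nf_conntrack_max 2>/dev/null || echo '?'))"
        ;;
    *)
        echo "usage: $0 [show|apply]" >&2
        exit 2
        ;;
esac
```

Run it with no argument to print the rule set, or `sudo sh ntp-notrack.sh apply` to load it. On current iptables the same effect is available as `-j CT --notrack`, which replaced the NOTRACK target; the raw-table placement requirement is the same. One consequence to keep in mind: once NTP is untracked, nothing in the state machine can be used to rate-limit it per client, so any such limiting has to be done on the packets themselves (for example with a hashlimit match) or in ntpd.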