On Jun 21, 2011, at 12:33 AM, Condor wrote: > Here is error that i got from kernel: > > net_ratelimit: 686 callbacks suppressed > nf_conntrack: table full, dropping packet. > nf_conntrack: table full, dropping packet. > nf_conntrack: table full, dropping packet.
You're using a stateful firewall for NTP traffic, and it's connection state table has filled. I recommend not using stateful rules for NTP traffic, as it adds latency and potential denial-of-service problems with the firewall. The network tuning you'd mentioned mostly affects TCP and doesn't matter to UDP. The high traffic rate you'd seen of 3000 packets/sec is unusual, but if your firewall was dropping packets, some NTP clients behave badly and query faster. Regards, -- -Chuck _______________________________________________ questions mailing list [email protected] http://lists.ntp.org/listinfo/questions
