hi,
so my biggest problem is that, when I've got these error and keep getting the error, than do wc -l /proc/net/ip_conntrack and it's just
300-400 so I assume 48632 is more than enough. am I wrong?


Balint Cristian wrote:
On Tuesday 17 June 2003 15:23, Farkas Levente wrote:

hi,
I forgot to mention that it can't be the reason:
# cat /proc/sys/net/ipv4/ip_conntrack_max
48632

Balint Cristian wrote:

[EMAIL PROTECTED] root]# cat /proc/sys/net/ipv4/ip_conntrack_max
8184

It is 8000 entry by default

you can change it:
[EMAIL PROTECTED] root]#


echo 1024000 > /proc/sys/net/ipv4/ip_conntrack_max

try much higher value than 48632 !!!



Be careful if increase will eat more memory ....

On Tuesday 17 June 2003 14:29, Farkas Levente wrote:

hi,
we've a fully updated rh8.0 firewall with kernel-2.4.20-18.8,
iptables-1.2.6a-2. we got the following error about once a week:
-----------------------------------------
Jun 13 05:21:41 portal kernel: ip_conntrack: table full, dropping packet.
Jun 13 05:21:47 portal last message repeated 10 times
Jun 13 05:21:51 portal kernel: NET: 6 messages suppressed.
Jun 13 05:21:51 portal kernel: ip_conntrack: table full, dropping packet.
Jun 13 05:21:57 portal kernel: NET: 3 messages suppressed.
Jun 13 05:21:57 portal kernel: ip_conntrack: table full, dropping packet.
-----------------------------------------
in this case we cant do anything just reboot the server. the strange is
that in this case:
wc -l /proc/net/ip_conntrack
is about 3-400, while during the normal operation it's about 1000-1500.
so I don't know what can be the problem in this case. what can I do to
find out the reason for this problem? and how to solve it?
thank you for your help in advance.





--
  Levente                               "Si vis pacem para bellum!"



_______________________________________________
Redhat-devel-list mailing list
[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-devel-list

Reply via email to