Re: ip_conntrack & timing out of connections

From: Rasmus Bøg Hansen (moffe@amagerkollegiet.dk)
Date: Tue Nov 06 2001 - 08:07:27 EST

Next message: Marcus Meissner: "PATCH: gdth pci table"
Previous message: Marcelo Tosatti: "out_of_memory() heuristic broken for different mem configurations"
In reply to: Marc: "ip_conntrack & timing out of connections"
Next in thread: David Lang: "Re: ip_conntrack & timing out of connections"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 6 Nov 2001 pcg@goof.com wrote:

> Nov 6 02:39:55 doom kernel: ip_conntrack: table full, dropping packet.

You probably need to do something like:

# We need a lot of concurrent connections
echo 65536 > /proc/sys/net/ipv4/ip_conntrack_max

(or how many you will need). Be aware that it will use up more memory -
the netfilter docs can tell you how much.

Rasmus

-- -- [ Rasmus 'Møffe' Bøg Hansen ] --------------------------------------- If you only have a hammer everything looks like a nail --------------------------------- [ moffe at amagerkollegiet dot dk ] --

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

Next message: Marcus Meissner: "PATCH: gdth pci table"
Previous message: Marcelo Tosatti: "out_of_memory() heuristic broken for different mem configurations"
In reply to: Marc: "ip_conntrack & timing out of connections"
Next in thread: David Lang: "Re: ip_conntrack & timing out of connections"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Nov 07 2001 - 21:00:29 EST