Sunday, March 4, 2012

ip_conntrack: table full, dropping packet

There are times when you need to increase a key value to your system to get tcp traffic as expected.

For this this type of problem:

Mar 4 22:21:05 viking1 kernel: printk: 4883 messages suppressed.
Mar 4 22:21:05 viking1 kernel: ip_conntrack: table full, dropping packet.
Mar 4 22:21:10 viking1 kernel: printk: 4654 messages suppressed.
Mar 4 22:21:10 viking1 kernel: ip_conntrack: table full, dropping packet.
Mar 4 22:21:15 viking1 kernel: printk: 3943 messages suppressed.
Mar 4 22:21:15 viking1 kernel: ip_conntrack: table full, dropping packet.
Mar 4 22:21:20 viking1 kernel: printk: 3392 messages suppressed.

------------------
CentOS 5 Solution:
------------------

Increase your ip_conntrack_max value from the default of

cat /proc/sys/net/ipv4/ip_conntrack_max
65536

to:

cat /proc/sys/net/ipv4/ip_conntrack_max
1131072

Issue the command:

echo 1131072 > /proc/sys/net/ipv4/ip_conntrack_max


To check the number of current sessions open for this host:

wc -l /proc/net/ip_conntrack

------------------
CentOS 6 Solution:
------------------

To print current limit type:

# sysctl net.nf_conntrack_max

Output:

65536

To increase this limit to e.g. 100000, type:

# sysctl -w net.nf_conntrack_max = 100000

To make this settings permanent add the following line to /etc/sysctl.conf file:

net.nf_conntrack_max = 100000

The following will tell you how many sessions are open right now:

# wc -l /proc/net/nf_conntrack


Done! Cheers!!!

Thursday, March 1, 2012

Remote Linux Desktop Sharing: NoMachine

I have used tools in the past that allows me remotely manage shared linux desktop sessions with NoMachine.

For 64bit machines: http://www.nomachine.com/download-package.php?Prod_Id=3592

You will have to install three (3) components: a) nxclient; b) nxnode; c) nxserver

Cheers!!!