There are times when you need to increase a key value to your system to get tcp traffic as expected.
For this this type of problem:
Mar 4 22:21:05 viking1 kernel: printk: 4883 messages suppressed.
Mar 4 22:21:05 viking1 kernel: ip_conntrack: table full, dropping packet.
Mar 4 22:21:10 viking1 kernel: printk: 4654 messages suppressed.
Mar 4 22:21:10 viking1 kernel: ip_conntrack: table full, dropping packet.
Mar 4 22:21:15 viking1 kernel: printk: 3943 messages suppressed.
Mar 4 22:21:15 viking1 kernel: ip_conntrack: table full, dropping packet.
Mar 4 22:21:20 viking1 kernel: printk: 3392 messages suppressed.
------------------
CentOS 5 Solution:
------------------
Increase your ip_conntrack_max value from the default of
cat /proc/sys/net/ipv4/ip_conntrack_max
65536
to:
cat /proc/sys/net/ipv4/ip_conntrack_max
1131072
Issue the command:
echo 1131072 > /proc/sys/net/ipv4/ip_conntrack_max
To check the number of current sessions open for this host:
wc -l /proc/net/ip_conntrack
------------------
CentOS 6 Solution:
------------------
To print current limit type:
# sysctl net.nf_conntrack_max
Output:
65536
To increase this limit to e.g. 100000, type:
# sysctl -w net.nf_conntrack_max = 100000
To make this settings permanent add the following line to /etc/sysctl.conf file:
net.nf_conntrack_max = 100000
The following will tell you how many sessions are open right now:
# wc -l /proc/net/nf_conntrack
Done! Cheers!!!
1131072 ?? Are you sure, friend?
ReplyDeleteIt maybey 131072. Check here:
http://www.how2forge.info/solution-for-ip_conntrack-table-full-dropping-packet
its observable, if the conntrack values fail it suggest a room for adjustments. Thanks for the great eye on the details. :) Cheer!!
Delete