I had a problem over the weekend with a server and the ip_conntrack table being filled up. This started off Friday night very slowly, I was getting paged on and off for disconects/reconnects from my Nagios box. I thought it was the network bouncing at the colo, but it turned out the box just had a higher than usual volume of Internet traffic. The limit I had initially set was at 4096. I ended up raising this to 32768 so it doesn’t happen again. I guess the server hasn’t ever seen that much traffic before, so 4096 worked out good for a while. I’ll see what happens now with the limit set to 32k.

Nov 23 14:23:06 host printk: 24 messages suppressed.
Nov 23 14:23:06 host ip_conntrack: table full, dropping packet.
Nov 23 14:23:11 host printk: 41 messages suppressed.
Nov 23 14:23:11 host ip_conntrack: table full, dropping packet.
Nov 23 14:23:16 host printk: 29 messages suppressed.
Nov 23 14:23:16 host ip_conntrack: table full, dropping packet.
Nov 23 14:23:22 host printk: 12 messages suppressed.
Nov 23 14:23:22 host ip_conntrack: table full, dropping packet.
Nov 23 14:23:26 host printk: 33 messages suppressed.
Nov 23 14:23:26 host ip_conntrack: table full, dropping packet.
Nov 23 14:23:32 host printk: 12 messages suppressed.
Nov 23 14:23:32 host ip_conntrack: table full, dropping packet.
Nov 23 14:23:36 host printk: 14 messages suppressed.

From earlier today, back to normal:

# wc -l ip_conntrack
1716 ip_conntrack
# wc -l ip_conntrack
1717 ip_conntrack

# cat /proc/sys/net/ipv4/ip_conntrack_max
32768

This entry was posted on Monday, November 26th, 2007 and is filed under Gentoo, Linux, Xen. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.