search for: conntrack_max

Hello, I''ve tried to change ipt_conntrack hashsize and con under my debian charge but doesn''t work ! Ive got 2876Mb available for conntrack so I''ve done (according to some previous mail and this http://www.wallfire.org/misc/netfilter_conntrack_perf.txt) CONNTRACK_MAX = 2876 * 64 = 184064 HASHSIZE = 2876 * 8 = 23002 But the near power of 2 is 2^16 = 131072 ... I''m not sure that if it better to put 184064 or 131072 ? Seems that netfilter algorythm is more eficient with power of 2 value ? I can set the CONNTRACK_MAX value but not the HASHSIZE ......

...ind of error message : Feb 23 14:26:19 gestor1 kernel: printk: 38 messages suppressed. Feb 23 14:26:19 gestor1 kernel: ip_conntrack: table full, dropping packet. The server is celeron pentium 4 based 3Ghz + 512Mb ram Does anyone could suggest me what are the best value for net.ipv4.netfilter.ip_conntrack_max net.ipv4.netfilter.ip_conntrack_tcp_timeout_established Might be I can tune other kernel value ? Thanks for your help Regards ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay...

Hello I''ve got Debian sarge 2.6.18 Traffic Manager setup as a bridge. This server is p4 hyperthreading with 3Gb of memory. Yesterday on 10:00pm start to see in my syslog that ip_conntrack was full and on 12:00pm the server was frozen ... I precise that I''ve already change CONNTRACK_MAX=131072 and HASHSIZE=65536 values I''m not sure that is a direct conntrack problem ... might be l7-filter,ipp2p or ethernet bridge ? Any tips or ideas of what I should check ? Regards

Hi all, i need advice how can i limit ip_conntrack per IP. clients of network that i support often uses torrent , DC++ , eMule clients and i have lost packages because they open too many ports. i have traffic control limits but this obviously isn''t enough Any advance how to prevent server from this kind problems will be welcome. Best regards Emil

Hey guys, I am planning to buy some components for a Linux router that will handle the Internet access of 200 computers (includes tc shaping) and some inter sub-network routing (at least 100MBps per eth - and there are 3 eth cards). I was thinking of a: Pentium 4 - 3GHz 256 or 512MB RAM Network Cards. Now - I wonder what is more important: the processor speed or the amount of RAM. And can you

Hi All, I am using the script below to limit download rates and manage traffic for a certain IP address and testing the results using iperf. The rate that iperf reports is much higher than the rate I have configured for the HTB qdisc. It''s probably just some newbie trap that''s messing things up but I''m buggered if I can see it. The following script is run on the

...I run a small system with an older version of shorewall (1.4.2). It has been extremely solid for a long time. But recently I have noticed the connection table filling up, which has never happened before. My guess is that the box is getting hit with floods. The system only has 64M of ram and the conntrack_max is set to 4096 based on the ram. I have temporarily increased it to 8192 so that it doesn''t cause the box to drop packets, but obviously it will eventually fill up again. I need help in trying to understand what is happening. I don''t have many analysis tools on the box since it r...