search for: ip_conntrack_tcp_timeout_establish

...f "ESTABLISHED" tcp connections from my webserver (the src is my webserver ip), and some other random connections to my webserver, and many "ASSURED" connections. So why is it filling up? I changed the default timeout value like so: echo 36000 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established but I don't think that's had any effect. any thoughts? what additional info can I provide that would be helpful? I did find a script that clears out some of the stale connections using hping2, but I don't know if that's really a great solution to this problem. cat /proc/sys...

...:26:19 gestor1 kernel: printk: 38 messages suppressed. Feb 23 14:26:19 gestor1 kernel: ip_conntrack: table full, dropping packet. The server is celeron pentium 4 based 3Ghz + 512Mb ram Does anyone could suggest me what are the best value for net.ipv4.netfilter.ip_conntrack_max net.ipv4.netfilter.ip_conntrack_tcp_timeout_established Might be I can tune other kernel value ? Thanks for your help Regards ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your...

...39;ve use this "math" to calculate it : (3072 - 256) x 1024^2 - 236 = 12511822,1027 The near "power of 2" seems to be 2^23 = 8388608 With this result I''ve change my "sysctl.conf" file net.ipv4.netfilter.ip_conntrack_max = 8388608 net.ipv4.netfilter.ip_conntrack_tcp_timeout_established= 28800 and I''ve to change the HASHSIZE to ip_conntrack_max / 4 ... What is wrong ! How can I solve the problem ... I''m waiting for a server with 8Gb (8192) of ram most of available to use with conntrack ! Regards