kernel: ip_conntrack: table full, dropping packet.

Post Reply
a24uall
Site Admin
Posts: 166
Joined: Sun Jul 01, 2012 9:07 am

kernel: ip_conntrack: table full, dropping packet.

Post by a24uall »

Getting the below messages in /var/log/messages
Mar 4 08:09:41 server kernel: ip_conntrack: table full, dropping packet.
Solution:

You might need to increase the ip_conntrack_max value.

To check the current value of "ip_conntrack_max"
cat /proc/sys/net/ipv4/ip_conntrack_max
How to increase the value???
cp -ar /etc/sysctl.conf /etc/sysctl.conf.bak
vi /etc/sysctl.conf
Add or edit the field below and give the appropriate value
net.ipv4.netfilter.ip_conntrack_max = 131072
Tested with 131072 and when I received error with 65536 and it fixed
Arun
WebhostingDevelopment.com
Post Reply

Return to “IPTABLES”