You are here: Home > Linux, Network, Tips&Info > ip_conntrack: table full, dropping packet

ip_conntrack: table full, dropping packet

Today i found this message in one of my server, although the server’s load is quite low. using dmesg , i kept getting this, and it kept coming
ip_conntrack: table full, dropping packet

I’d seen this message before, but I headed over to Red Hat’s site for more details. Generally, the ip_conntrack_max is set to the total MB of RAM installed multiplied by 16. However, this server had 4GB of RAM, but ip_conntrack_max was set to 65536:

# cat /proc/sys/net/ipv4/ip_conntrack_max
65536

 

If you want to check your server’s current tracked connections, just run the following:

# cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count

 

If you want to adjust it, just run the following as root:
# echo 131072 > /proc/sys/net/ipv4/ip_conntrack_max

 

If you want to find out how many sessions are open right now:
# wc -l /proc/net/ip_conntrack

Tags: , , , ,

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • Twitter
  • RSS

Comments are closed.