[NTLUG:Discuss] ip_conntrack questions
JD
dlouhyj at earthlink.net
Fri Jun 9 17:27:32 CDT 2006
> I have been run the same server (RH 6.0) for more than 6 years,
> Recently I get this message very often -- about every 2-3 weeks.
>
> ip_conntrack: table full, dropping packet.
>
> I even increased the MAX value.
> still happens every 2-3 weeks,
> can any one think about what's going on it?
> any one have quick way to flush the table without reboot?
>
> If I don't load module ip_conntrack, this problem should be go away?
>
Depending on what else you are doing - it may not be advisable to also
run ip_conntrack. I remember that stuff like tarpitting connections
advises not to run conntrack.
You can probably restart the service after saving the current state of
the tables/chains. You don't have to restart the whole box. Look for
the /etc/init.d script that starts the process. Its been awhile since I
looked at RH6.
More information about the Discuss
mailing list