The Crucial Blog
ip_conntrack: table full, dropping packet.
If you see something like the following in your log files:
ip_conntrack: table full, dropping packet.
printk: 73 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 84 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 157 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 145 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 118 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 121 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 93 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 128 messages suppressed.
ip_conntrack: table full, dropping packet.
It will probably look like you are experiencing a network issue with a lot of packet loss, but in fact it isn’t one at all!
This error has to do with the value in /proc/sys/net/ipv4/ip_conntrack_max set to low, and letting the system only handle a few connections at once. This value is usually imposed when APF is installed, and the following should be done to correct it:
echo “138304″ > /proc/sys/net/ipv4/ip_conntrack_max
add the following to /etc/sysctl.conf:
sys.net.ipv4.ip_conntrack_max = 138304
If you are running APF modify the following line to:
SYSCTL_CONNTRACK=”138304″
To check what the current value is you can use:
cat /proc/sys/net/ipv4/ip_conntrack_max
Tags: linux, networking, server-administrationFiled under: Uncategorized by — aaron @ 2:22 pm
Hello,
Can we set “SYSCTL_CONNTRACK” more than 138304?
Thank You
HI Masood, I believe you are able to increase it to above 138304, this is just an example! It really depends on you requirements.
What if I already changed this value from 65535 to 147456 and it still keeps showing this error??
Using Centos 5
Hi Alexandre, try increasing the value further and see how you go.