[Bug 105] New: Connection tracking table full, no new connections accepted
Tue, 24 Jun 2003 19:26:53 +0200
Summary: Connection tracking table full, no new connections
Component: connection tracking
I've had this problem twice now and figured it was serious enough to report. I
am using iptables as a firewall/NAT device, kernel version 2.4.21 (directly from
kernel.org); I also encountered the problem in 2.4.20.

After a period of time, I get the following message in my kernel logs:
"ip_conntrack: table full, dropping packet." This message then repeats -- a lot.
Thereafter, no new connections either to the outside world or directly to the
NAT machine are accepted but existing connections still work. Doing a userspace
flush, zero, and remove followed by my firewall/NAT rules doesn't seem to
restore things, either. Since I built all of the modules directly into the
kernel, I have not tried rmmod/insmod to see if that fixes things.

I know this is a vague description, but I can and will provide any more details
necessary to help track down this bug.
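
One way to see what is occupying the table when "ip_conntrack: table full" appears, as an added example that is not part of the original report. It assumes the 2.4 ip_conntrack /proc files (`/proc/net/ip_conntrack` and `/proc/sys/net/ipv4/ip_conntrack_max`); the function names are hypothetical and the sample entries are constructed.

```shell
#!/bin/sh
# Added diagnostic sketch; function names are hypothetical.
# 2.4 ip_conntrack exposes the table and its limit here:
TABLE=/proc/net/ip_conntrack
MAX_FILE=/proc/sys/net/ipv4/ip_conntrack_max

# Constructed sample entries in the 2.4 /proc/net/ip_conntrack layout.
sample_table() {
cat <<'EOF'
tcp      6 431990 ESTABLISHED src=192.0.2.10 dst=198.51.100.5 sport=1025 dport=80 src=198.51.100.5 dst=192.0.2.10 sport=80 dport=1025 [ASSURED] use=1
tcp      6 110 SYN_SENT src=192.0.2.77 dst=198.51.100.5 sport=4001 dport=80 [UNREPLIED] src=198.51.100.5 dst=192.0.2.77 sport=80 dport=4001 use=1
tcp      6 112 SYN_SENT src=192.0.2.77 dst=198.51.100.6 sport=4002 dport=80 [UNREPLIED] src=198.51.100.6 dst=192.0.2.77 sport=80 dport=4002 use=1
tcp      6 115 SYN_SENT src=192.0.2.77 dst=198.51.100.7 sport=4003 dport=80 [UNREPLIED] src=198.51.100.7 dst=192.0.2.77 sport=80 dport=4003 use=1
udp      17 25 src=192.0.2.10 dst=198.51.100.53 sport=1030 dport=53 src=198.51.100.53 dst=192.0.2.10 sport=53 dport=1030 use=1
EOF
}

# conntrack_usage FILE MAX -> "used/max pct%"
conntrack_usage() {
    used=$(awk 'NF { n++ } END { print n + 0 }' "$1")
    echo "$used/$2 $(( $used * 100 / $2 ))%"
}

# conntrack_by_state FILE -> "count proto state", largest first (non-TCP has no state)
conntrack_by_state() {
    awk 'NF { s = ($1 == "tcp") ? $4 : "-"; c[$1 " " s]++ }
         END { for (k in c) print c[k], k }' "$1" | sort -k1,1nr -k2
}

# conntrack_top_sources FILE [N] -> "count original-source-address", largest first
conntrack_top_sources() {
    awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^src=/) { n[substr($i, 5)]++; break } }
         END { for (a in n) print n[a], a }' "$1" | sort -k1,1nr -k2 | head -n "${2:-5}"
}

if [ -r "$TABLE" ] && [ -r "$MAX_FILE" ]; then
    MAX=$(cat "$MAX_FILE")
else
    TABLE=$(mktemp) && sample_table > "$TABLE"   # fall back to constructed sample
    MAX=10
fi
conntrack_usage "$TABLE" "$MAX"
conntrack_by_state "$TABLE"
conntrack_top_sources "$TABLE" 3
```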