kernel: ip_conntrack: maximum limit of 8128 entries exceeded
Magnus von Köller
m.koeller@gmx.net
Mon, 2 Jul 2001 16:02:44 +0200 (MEST)
>> When I receive that message , I got problems with my network. I'm not
able to
>> ping myself. Please help. I use iptables to redirect my web
>> traffic(transparent proxy).
>Increase the amount of trackable connections:
>
> echo 65536 >/proc/sys/net/ipv4/ip_conntrack_max
You should be careful with this, though, because every tracked connection
consumes a certain amount of non-swapable physical memory. So if you don't have
enough RAM in your machine, this won't do any good. I don't know exactly how
much memory this takes, search the archives or ask someone else if you need
to know it. Anyway, if you track that much connections on your firewall, it
would probably be a really good idea to put a lot of RAM in it.
--
| Magnus von Köller --------| "It may be your sole purpose in life |
| <magnus@vonkoeller.de> | to serve as a warning to others." |
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net
--
GMX Tipp:
Machen Sie Ihr Hobby zu Geld bei unserem Partner 1&1!
http://profiseller.de/info/index.php3?ac=OM.PS.PS003K00596T0409a