Troubleshooting stability issue

Jan Engelhardt jengelh at linux01.gwdg.de
Thu Aug 11 08:00:32 CEST 2005


>Symptom is that by the time we get to it, the box is totally unresponsive to 
>local console, is not forwarding packets. In a word "hung".

Then there may be a memory leak. Calm all apps and periodically check the free 
ram or the slab cache sizes, respectively. (Yeah, it's unlikely.)

Check /var/log/messages if it says that a network card timed out.

>Memory isn't obviously leaking.
>
>The number of lines in "ip_conntrack" does appear to grow with time, but is 
>still way below (at around 3000) the maximum allowed of 32,000+, and isn't 
>growing monotonically. I think there may be clues here, if only to what is 
>wrong with the ruleset.

Reduce the maximum number of conntracks then.

>Apart from sshd, there is practically nothing running.
>atd
>crond
>inetd (this has nothing configured in /etc/inetd.conf, so I'll remove it).
>Postfix is listening on 127.0.0.1:25 in case anything local suddenly needs to 
>report anything to me.
>lpd (lpd was running and not listening on any ports, so I'll remove it).

Where's the ftpd?

>Just looking for some helpful pointers on how to investigate this issue 
>further.

/proc/net/ip_conntrack
/proc/net/stat/ip_conntrack

>The hardware doesn't seem to like the stock 2.6 kernels, and I don't have one 
>spare to spend time figuring out why.
Forgot a driver?



Jan Engelhardt
-- 
| Alphagate Systems, http://alphagate.hopto.org/



More information about the netfilter mailing list