NAT stops working

Fabien Germain fabien.germain at
Wed Apr 20 17:07:40 CEST 2005

Hi Daniel,

Did you try to increase ip_conntrack_max ?
If you use p2p for example, you can quickly reach the limit.

Hope it helps.

On 4/20/05, Daniel Wittenberg <daniel-wittenberg at> wrote:
> We've got a high-speed wireless and DSL connection so I decided to try
> and load-balance the out-going connections.  I run a little script that
> does:
> route flush scope global
> route flush cache
> route add default scope global equalize nexthop via <external gw 1> dev
> eth0 weight 1 nexthop via <external gw 2> dev eth1
> This appears to work for awhile, then incoming connections stop getting
> nat'd to their internal addresses.  I reboot or reset the firewall
> (flush all the tables and re-run this script) and things are good again
> for awhile.  I tried flooding some of the external IP's that are nat'd
> and it seems like after a certain amount of traffic the nat just stops
> working.  tcpdump shows traffic on the external interface coming in, but
> not going out anywhere.
> Anyone have ideas on how to debug this further or things to check?
> Thanks,
> Dan

