Solution: LinuxNATip_conntrack: tablefull-Linux Enterprise Application-Linux server application information. The following is a detailed description. This Linux NAT is well used. I did not expect that the Internet could not be accessed a few days ago, and the system record also showed the following message:
Ip_conntrack: table full, dropping packet.
Later, I learned that the ip_conntrack module of Linux NAT records the established connection record of the tcp communication protocol, and the preset timeout time is up to five days (432,000 seconds ), so as long as someone in the LAN uses P2P software (such as eDonkey, BT ...) this problem may easily occur.
Solution (1): Increase the value of ip_conntrack_max.
Find the original ip_conntrack_max value:
Command: cat/proc/sys/net/ipv4/ip_conntrack_max
Write the ideal value (each ip_conntrack buffer occupies 292 Bytes)
Command: echo "value">/proc/sys/net/ipv4/ip_conntrack_max
Example: echo "81920">/proc/sys/net/ipv4/ip_conntrack_max
This effect is temporary. If you want to use a new value for each boot, you need to write the above command into/etc/rc. d/rc. local.
Or add: net. ipv4.ip _ conntrack_max = value to/etc/sysctl. conf.
Or run the following command: sysctl-w net. ipv4.ip _ conntrack_max = value.
The method for automatic configuration upon startup is the same as that for method (1 ).
Other related commands:
View Current ip_conntrack buffer usage
Command: grep conn/proc/slabinfo
Result example: ip_conntrack 3024 4090 384 409 409 1 (the values are described as follows)
Ip_conntrack the cache name
3024 the number of currently active objects
4090 the total number of available objects
384 the size of each object in bytes
409 the number of pages with at least one active object
409 the total number of allocated pages
1 the number of pages per slab are given
Man slabinfo.
Find the top five IP addresses that currently have the most ip_conntrack records
Command: cat/proc/net/ip_conntrack | cut-d ''-f 10 | cut-d' = '-f 2 | sort | uniq-c | sort-nr | head-n 5
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
A Free Trial That Lets You Build Big!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
