
ip_conntrack again



Sorry to bother with this well known topic. But I was not able to find any similar situation in this list archive…


~# wc -l /proc/net/ip_conntrack
wc: /proc/net/ip_conntrack: No space left on device
0 /proc/net/ip_conntrack

So I checked ip_conntrack_max in my next step:

# sysctl net.ipv4.netfilter.ip_conntrack_max
net.ipv4.netfilter.ip_conntrack_max = 8192

But this is just a small routing Linux box (512MB RAM and dual Intel CPU 3.20GHz) with a couple of PCs connected behind ipmasq. The LAN traffic is usually very low and was close to nothing during these tests.

So I tried to check it using:  

~# cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count
93

And it is just 93 which is far away from conntrack_max=8192!

Of course this is not a problem of HDD capacity:

~# df -h
File system         size used avail. %us. mounted
/dev/sda1             1,4G  366M  969M  28% /
tmpfs                 248M  8,0K  248M   1% /lib/init/rw
udev                   10M  132K  9,9M   2% /dev
tmpfs                 248M     0  248M   0% /dev/shm
/dev/sda8              64G   40G   22G  66% /home
/dev/sda7             373M   11M  343M   3% /tmp
/dev/sda9             3,6G  1,9G  1,5G  56% /usr
/dev/sda5             2,8G  1,4G  1,3G  52% /var


Also, this "/proc/net/ip_conntrack: No space left on device" appears right after the box reboots.

Any idea what else I could check to solve this problem?

I will be very thankful for any tip or helping hand....

Tnx in advance,


Sub

