Hmm.. how many requests/s are you serving?
I suspect something is wrong here. 60K conntrack entries is a lot, but then
it is only 100 per user so if all your users are clicking like mad then
perhaps.. but I think you would then have some thousand requests/s to reach
this limit.
Anyway, the variable is a integer and can be set to mostly anything. It is
not limited to 65535. But if you set it very large then you should also
increase the conntrack hash size for better performance.. See the
iptables/netfilter documentation or ask in a suitable netfilter user group.
Regards
Henrik
Ahsan Ali wrote:
> Hi guys!
>
> I'm getting a problem I think some of you must have run into by now - I've
> increased
>
> /proc/sys/net/ipv4/ip_conntrack_max
>
> to 65535
>
> And I'm still getting conntrack exceeded errors... how do I increase it to
> 128K and beyond?
>
> I'm transparently redirecting some 600 concurrent dialup users.
>
> Thanks guys!
>
> -Ahsan
Received on Thu Apr 11 2002 - 10:04:02 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:32 MST