Hi,
I had to start squid in prodcution network and to my supprise, it
worked for about 1 minute, and then the messages bellow started
flowing. In the WCCP router, more 10000 requests were forwarded
after less than 1 minute!!!! (192.x.x.x/19 network)
I noticed that cache server ran out of file descriptors, How to fix this ?
How do I tune ip_conntack table ? My actual max value is:
[root@cache ~]# cat /proc/sys/net/ipv4/ip_conntrack_max
65536
Thanks for your answers
Dan
---------------------------
ip_conntrack: table full, dropping packet.
ip_conntrack: table full, dropping packet.
ip_conntrack: table full, dropping packet.
ip_conntrack: table full, dropping packet.
ip_conntrack: table full, dropping packet.
ip_conntrack: table full, dropping packet.
ip_conntrack: table full, dropping packet.
ip_conntrack: table full, dropping packet.
ip_conntrack: table full, dropping packet.
ip_conntrack: table full, dropping packet.
ip_conntrack: table full, dropping packet.
printk: 23 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 26 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 29 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 47 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 40 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 53 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 64 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 51 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 62 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 74 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 74 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 60 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 76 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 65 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 92 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 68 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 66 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 70 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 86 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 55 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 68 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 59 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 65 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 77 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 86 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 75 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 75 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 62 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 55 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 85 messages suppressed.
ip_conntrack: table full, dropping packet.
printk: 79 messages suppressed.
ip_conntrack: table full, dropping packet.
ip_tables: (C) 2000-2002 Netfilter core team
ip_conntrack version 2.1 (8192 buckets, 65536 max) - 340 bytes per conntrack
printk: 19 messages suppressed.
TCP: drop open request from IP/2930
TCP: drop open request from IP/1194
TCP: drop open request from IP/33930
TCP: drop open request from IP/2009
TCP: drop open request from IP/2854
TCP: drop open request from IP/65478
TCP: drop open request from IP/33084
TCP: drop open request from IP/1556
TCP: drop open request from IP/2291
TCP: drop open request from IP/63561
printk: 24 messages suppressed.
TCP: drop open request from IP/2697
TCP: drop open request from IP/1193
printk: 158 messages suppressed.
TCP: drop open request from IP/2582
printk: 124 messages suppressed.
TCP: drop open request from IP/4681
printk: 35 messages suppressed.
-- -------------------------- Daniel Epee LeaReceived on Mon Mar 13 2006 - 10:55:49 MST
This archive was generated by hypermail pre-2.1.9 : Sat Apr 01 2006 - 12:00:04 MST