Recently 1 of the server under my responsibility very slow. The ping is always timeout. When i type “dmesg” it show;
Nov 1 22:23:40 bounty kernel: ip_conntrack: table full, dropping packet.
Nov 1 22:23:43 bounty last message repeated 9 times
I run this command to know how many connection on the server:
[[email protected] ~]# cat /proc/net/ip_conntrack | wc -l
It can be fixed by restarting the server. After restart, the ping seem ok and no timeout. Run back the command:
[r[email protected] ~]# cat /proc/net/ip_conntrack | wc -l
You might want to check this link also:
If you dont want to restart the server, you can run this command:
echo 65536 > /proc/sys/net/ipv4/ip_conntrack_max
Please note that:
– default CONNTRACK_MAX value will not be inferior to 128
– for systems with more than 1GB of RAM, default CONNTRACK_MAX value is
limited to 65536 (but can of course be set to more manually).