Server Circle - Ask questions about Servers and get answers from experts.
Apparently a conntrack limit has been reached

In dmesg I'm seeing conntrack errors but I don't know how to increase the limit:

ip_conntrack: maximum limit of 4096 entries exceeded

Anyone seen this before?
Asked by:
Moocher
625 points

Best Answer

You can increase this value by running:

sysctl -w net.ipv4.netfilter.ip_conntrack_max=12000

This will increase the limit to 12000; however, be aware that each tracked connection eats about 350 bytes of non-swappable kernel memory!

To ensure this setting is restored on reboot add net.ipv4.netfilter.ip_conntrack_max=12000 into /etc/sysctl.conf. Obviously change 12000 to something which is suitable for yourself.

You can keep track of the current number of tracked connections by running wc -l /proc/net/ip_conntrack

Response by:
_SteveWilson ...
4290 points
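
A headroom check built on the figures in the answer above, as an added example that is not part of the original thread: it compares the tracked-connection count with the limit and estimates pinned kernel memory at the quoted 350 bytes per entry. The function names and the 80% warning threshold are assumptions, as are the nf_conntrack paths, which are included for newer kernels where the module was renamed.

```shell
#!/bin/sh
# Added example (not from the thread): conntrack table headroom check.
BYTES_PER_ENTRY=350   # per-entry kernel memory figure quoted in the answer

# Print the first line of the first readable file among the arguments.
first_readable() {
    for f in "$@"; do
        if [ -r "$f" ]; then head -n 1 "$f" 2>/dev/null; return 0; fi
    done
    return 1
}

# usage_pct COUNT MAX: integer percentage of the table in use.
usage_pct() {
    [ "$2" -gt 0 ] 2>/dev/null || return 1
    echo $(( $1 * 100 / $2 ))
}

# mem_kib ENTRIES: estimated non-swappable kernel memory in KiB.
mem_kib() {
    echo $(( $1 * BYTES_PER_ENTRY / 1024 ))
}

# check_conntrack COUNT MAX [WARN_PCT]: print a status line.
# Returns 0 below the threshold, 1 at or above it, 2 if MAX is unusable.
check_conntrack() {
    _pct=$(usage_pct "$1" "$2") || { echo "UNKNOWN: bad limit '$2'"; return 2; }
    _msg="$1/$2 entries (${_pct}%), full table pins ~$(mem_kib "$2") KiB"
    if [ "$_pct" -ge "${3:-80}" ]; then
        echo "WARN: $_msg"
        return 1
    fi
    echo "OK: $_msg"
}

# Constructed sample values: the 4096 limit from the question, 12000 from the answer.
check_conntrack 4096 4096 || true
check_conntrack 4096 12000 || true

# Live check on this host; skipped where no conntrack module is loaded.
live_max=$(first_readable /proc/sys/net/ipv4/netfilter/ip_conntrack_max \
                          /proc/sys/net/netfilter/nf_conntrack_max) || live_max=
live_count=$(first_readable /proc/sys/net/ipv4/netfilter/ip_conntrack_count \
                            /proc/sys/net/netfilter/nf_conntrack_count) || live_count=
if [ -n "$live_max" ] && [ -n "$live_count" ]; then
    check_conntrack "$live_count" "$live_max" || true
fi
```

Run from cron or a monitoring agent, the non-zero return of check_conntrack gives an early warning before the kernel starts logging the "maximum limit exceeded" message and dropping new connections.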
Try:

echo "8192" > /proc/sys/net/ipv4/ip_conntrack_max

Response by:
stevenrossuk
1325 points


© 2013 Server Circle