Re: [lvs-users] IPVS/DR ip_conntrack: table full, dropping packet at squ

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: [lvs-users] IPVS/DR ip_conntrack: table full, dropping packet at squid server
From:	Graeme Fowler <graeme@xxxxxxxxxxx>
Date:	Wed, 13 Jun 2007 09:06:27 +0100

On Wed, 2007-06-13 at 10:22 +0700, Wiboon Warasittichai wrote:
> After I asked you how to work around with ip_conntrack table full, I 
> tried with suggestion to use NOTRACK in squid box for port 3128. Number 
> of ip_conntrack connections still increase till maximum limit.

...that usage of port 3128 was an example. Looking back, I see you're
using port 8080. It would really help if you'd actually said that
instead of burying it in some output!

Try it again, but with 8080 instead.

> I found a trick in google search.
> Setting a system config in /etc/sysctl.conf with
> net.ipv4.netfilter.ip_conntrack_tcp_loose = 0
> will drop all packets like I mention above.

Erm... I'm not sure that will do what you need it to. I'm not sure, in
fact, what that does!

If you try the NOQUEUE target again with *your configuration*, not my
example, then see what it does.

Graeme

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [lvs-users] IPVS/DR ip_conntrack: table full, dropping packet at squid server, Wiboon Warasittichai Re: [lvs-users] IPVS/DR ip_conntrack: table full, dropping packet at squid server, Graeme Fowler <=

Previous by Date:	Re: [lvs-users] IPVS/DR ip_conntrack: table full, dropping packet at squid server, Wiboon Warasittichai
Next by Date:	Re: [lvs-users] Servers unable to flush data to clients, Joseph Mack NA3T
Previous by Thread:	Re: [lvs-users] IPVS/DR ip_conntrack: table full, dropping packet at squid server, Wiboon Warasittichai
Next by Thread:	[lvs-users] How to make NAT lvs work, Mark Wadham
Indexes:	[Date] [Thread] [Top] [All Lists]