ip_conntrack: table full, dropping packet

bear · September 8, 2010, 6:58am

Hi
getting loads of these in my logs, tried raising maximum sessions but still it persists.
have to reboot to clear the tables but quickly fill up again, cannot keep raising the max sessions.
The servers on a normal load and the connections don’t appear to be to high.
Any ideas what to look for or stop the problem.
i have APF 9.7 firewall
thank you

 
Sep 8 13:45:30 serv1 kernel: printk: 97 messages suppressed.
Sep 8 13:45:30 serv1 kernel: ip_conntrack: table full, dropping packet.
Sep 8 13:45:35 serv1 kernel: printk: 29 messages suppressed.
Sep 8 13:45:35 serv1 kernel: ip_conntrack: table full, dropping packet.
Sep 8 13:45:40 serv1 kernel: printk: 77 messages suppressed.
Sep 8 13:45:40 serv1 kernel: ip_conntrack: table full, dropping packet.
Sep 8 13:45:45 serv1 kernel: printk: 286 messages suppressed.
Sep 8 13:45:45 serv1 kernel: ip_conntrack: table full, dropping packet.
Sep 8 13:45:50 serv1 kernel: printk: 325 messages suppressed.
Sep 8 13:45:50 serv1 kernel: ip_conntrack: table full, dropping packet.
Sep 8 13:45:55 serv1 kernel: printk: 453 messages suppressed.
Sep 8 13:45:55 serv1 kernel: ip_conntrack: table full, dropping packet.
Sep 8 13:46:00 serv1 kernel: printk: 160 messages suppressed.
Sep 8 13:46:00 serv1 kernel: ip_conntrack: table full, dropping packet.

IWorx-Paul · October 22, 2010, 11:24pm

Hi Gary - the obvious question is what are all these connections about? I’d start by looking at the contents of the special file /proc/net/ip_conntrack, and see if can tell what’s going on.

Paul