Archives
Archives
| From: | Adam Carter <Adam.Carter@×××××××××.au> | ||
|---|---|---|---|
| To: | "gentoo-user@l.g.o" <gentoo-user@l.g.o> | ||
| Subject: | RE: [gentoo-user] Gentoo router: Conntrack table full | ||
| Date: | Tue, 25 Mar 2008 06:15:17 | ||
| Message-Id: | 707E41AE68E444499861C6B248AB8684533A9D14FC@excprdmbxw002.optus.com.au | ||
| In Reply to: | Re: [gentoo-user] Gentoo router: Conntrack table full by Mike Williams |
||
| 1 | The contents of the connection table is in |
| 2 | /proc/net/ip_conntrack |
| 3 | |
| 4 | Example: |
| 5 | tcp 6 65 TIME_WAIT src=192.168.1.4 dst=20.x.y.40 sport=4986 dport=80 src=207.46.109.40 dst=192.168.1.4 sport=80 dport=4986 [ASSURED] mark=0 use=1 |
| 6 | |
| 7 | So go nuts with grep/awk/sed/sort/uniq etc to find what is consuming all the connections. |
| 8 | |
| 9 | +1 for what Mike said about dropping the timeouts to something more sensible. FWIW Checkpoint uses a default TCP timer of 1 hour. Use 4 hours to be conservative. |
| 10 | -- |
| 11 | gentoo-user@l.g.o mailing list |