Hello everyone,
one of my nodes Dealing with large amounts of requests
and from time to time I see that I have timeout on ping test for both host node and guests VMs
checking /var/log/syslog
show:
I have added to: /etc/sysctl.conf
net.netfilter.nf_conntrack_max = 4194304
and run:
sysctl -p
also did:
echo 4194304 > /proc/sys/net/netfilter/nf_conntrack_max
it's update for short time:
but after few seconds, it's back to:
Thanks!
EDIT:
find it, on Proxmox GUI -> Nodexx -> Firewall -> Options
we can Find the nf_conntrack_max and edit it to the needed value
one of my nodes Dealing with large amounts of requests
and from time to time I see that I have timeout on ping test for both host node and guests VMs
checking /var/log/syslog
show:
Bash:
Sep 11 20:42:32 node01 kernel: [5117056.047088] net_ratelimit: 31765 callbacks suppressed
Sep 11 20:42:32 node01 kernel: [5117056.047093] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:32 node01 kernel: [5117056.047326] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:32 node01 kernel: [5117056.047424] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:32 node01 kernel: [5117056.047441] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:32 node01 kernel: [5117056.047535] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:32 node01 kernel: [5117056.047551] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:32 node01 kernel: [5117056.047607] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:32 node01 kernel: [5117056.047608] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:32 node01 kernel: [5117056.047644] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:32 node01 kernel: [5117056.047800] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:37 node01 kernel: [5117061.050919] net_ratelimit: 34407 callbacks suppressed
Sep 11 20:42:37 node01 kernel: [5117061.050924] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:37 node01 kernel: [5117061.050946] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:37 node01 kernel: [5117061.051018] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:37 node01 kernel: [5117061.051357] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:37 node01 kernel: [5117061.051370] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:37 node01 kernel: [5117061.052148] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:37 node01 kernel: [5117061.052160] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:37 node01 kernel: [5117061.052185] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:37 node01 kernel: [5117061.052185] nf_conntrack: nf_conntrack: table full, dropping packet
Sep 11 20:42:37 node01 kernel: [5117061.052202] nf_conntrack: nf_conntrack: table full, dropping packetI have added to: /etc/sysctl.conf
net.netfilter.nf_conntrack_max = 4194304
and run:
sysctl -p
also did:
echo 4194304 > /proc/sys/net/netfilter/nf_conntrack_max
it's update for short time:
Bash:
root@node01:/etc# sysctl -a | grep nf_conntrack_max
net.netfilter.nf_conntrack_max = 4194304
net.nf_conntrack_max = 4194304but after few seconds, it's back to:
Bash:
root@node01:/etc# sysctl -a | grep nf_conntrack_max
net.netfilter.nf_conntrack_max = 262144
net.nf_conntrack_max = 262144Thanks!
EDIT:
find it, on Proxmox GUI -> Nodexx -> Firewall -> Options
we can Find the nf_conntrack_max and edit it to the needed value
Last edited: