Syslog: nf_conntrack: nf_conntrack: table full, dropping packet

yena

Renowned Member
Nov 18, 2011
373
4
83
Hello,
on one of my server i see a lot of this message on syslog:

nf_conntrack: nf_conntrack: table full, dropping packet

and randmly the server reboot without other message:
--------------------------------------------------------------------------------------------------------------------------------------------------------
..
Oct 1 02:28:40 srvps1 kernel: [23240.406180] perf: interrupt took too long (6225 > 6210), lowering kernel.perf_event_max_sample_rate to 32000
....
Oct 1 07:01:32 srvps1 kernel: [39612.885290] nf_conntrack: nf_conntrack: table full, dropping packet
Oct 1 07:01:32 srvps1 kernel: [39612.885640] nf_conntrack: nf_conntrack: table full, dropping packet
Oct 1 07:01:32 srvps1 kernel: [39613.008694] nf_conntrack: nf_conntrack: table full, dropping packet
Oct 1 07:01:32 srvps1 kernel: [39613.008883] nf_conntrack: nf_conntrack: table full, dropping packet
Oct 1 07:01:32 srvps1 kernel: [39613.009102] nf_conntrack: nf_conntrack: table full, dropping packet
Oct 1 07:01:32 srvps1 kernel: [39613.009481] nf_conntrack: nf_conntrack: table full, dropping packet
Oct 1 07:01:32 srvps1 kernel: [39613.009699] nf_conntrack: nf_conntrack: table full, dropping packet
Oct 1 07:01:32 srvps1 zed: eid=1429 class=history_event pool_guid=0x01812D681FA0C7CF
Oct 1 07:01:32 srvps1 zed: eid=1430 class=history_event pool_guid=0x01812D681FA0C7CF
Oct 1 07:01:32 srvps1 zed: eid=1431 class=history_event pool_guid=0x01812D681FA0C7CF +

--> REBOOT

Oct 1 07:04:42 srvps1 systemd-modules-load[1513]: Inserted module 'iscsi_tcp'
Oct 1 07:04:42 srvps1 kernel: [ 0.000000] Linux version 5.0.18-1-pve (root@nora) (gcc version 8.3.0 (Debian 8.3.0-6)) #1 SMP PVE 5.0.18-3 (Thu, 8 Aug 2019 09:05:29 +0200) ()
Oct 1 07:04:42 srvps1 kernel: [ 0.000000] Command line: BOOT_IMAGE=/ROOT/pve-1@/boot/vmlinuz-5.0.18-1-pve root=ZFS=rpool/ROOT/pve-1 ro root=ZFS=rpool/ROOT/pve-1 boot=zfs quiet
Oct 1 07:04:42 srvps1 kernel: [ 0.000000] KERNEL supported cpus:
Oct 1 07:04:42 srvps1 kernel: [ 0.000000] Intel GenuineIntel
Oct 1 07:04:42 srvps1 kernel: [ 0.000000] AMD AuthenticAMD
Oct 1 07:04:42 srvps1 kernel: [ 0.000000] Hygon HygonGenuine
--------------------------------------------------------------------------------------------------------------------------------------------------------

I Had tried to change RAM .. nothing change ..

Thanks!
 
Last edited:
You can check the currently conntrack objects and the limit with:
cat /proc/sys/net/netfilter/nf_conntrack_count
cat /proc/sys/net/netfilter/nf_conntrack_max

This is not a hardware issue but it seems that you are hitting the limits that are set for nf_conntrack
 
You can check the currently conntrack objects and the limit with:
cat /proc/sys/net/netfilter/nf_conntrack_count
cat /proc/sys/net/netfilter/nf_conntrack_max

This is not a hardware issue but it seems that you are hitting the limits that are set for nf_conntrack

Yes, also to me .. now i hav done:
sysctl -w net.netfilter.nf_conntrack_max=8388608
echo "net.netfilter.nf_conntrack_max=8388608" >> /etc/sysctl.conf

But i think the reboot hav different origin ..
may be this..
Oct 1 02:28:40 srvps1 kernel: [23240.406180] perf: interrupt took too long (6225 > 6210), lowering kernel.perf_event_max_sample_rate to 32000
 
But i think the reboot hav different origin ..
may be this..
Oct 1 02:28:40 srvps1 kernel: [23240.406180] perf: interrupt took too long (6225 > 6210), lowering kernel.perf_event_max_sample_rate to 32000

That's not something that would reboot the server. It is informing you that kernel has change the sample rating. If nothing on the logs, the reboot could be due to power loss maybe?
 
That's not something that would reboot the server. It is informing you that kernel has change the sample rating. If nothing on the logs, the reboot could be due to power loss maybe?


Unlikely, it has redundant power
 
HI @yena ,

What kind/model of CPU do you have ?

I Hav Intel Xeon CPU E5-2696 v2 @ 2.50GHz
Now i hav checked IPMI event logs and i finded this:
OEM CPLD CATERR - Asserted

Googoling i found that it's a CPU Error... maybe it's a CPU hardware errorr ..
 
My advise is to try to flash your MB BIOS(with the last version, if exists), and to disable in BIOS anything that do not use(soundcard, COM ports, etc)!

Good luck /Bafta
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!