syslog: nf_conntrack: table full, dropping packet

[tincboy]

I've a server which goes down at least once a week,
I've changed RAM and it didn't help, now I'm checking the syslog to find out why this server which is not fully utilized yet is going down this much,
The only thing which I've found in syslog is many lines of "nf_conntrack: table full, dropping packet"
In other servers theres also many lines of "nf_conntrack: table full, dropping packet" but they are operating fine,
Does the "nf_conntrack: table full, dropping packet" means the server has an issue which may lead to down time?

 

[dietmar]

Does the "nf_conntrack: table full, dropping packet" means the server has an issue which may lead to down time?

No, that should not lead to downtime.

 

[sigxcpu]

For the conntrack problem, increase net.nf_conntrack_max value like this:

sysctl -a | grep net.nf_conntrack_max to check the current value

edit /etc/sysctl.conf and add/change the following key:

net.nf_conntrack_max=your_desired_value

Example:

net.nf_conntrack_max=1000000 for 1 million entries