ip_conntrack table full, dropping packet Rumi, July 3, 2016 Last week, I found myself with a server under low load, but it couldn’t make or receive network connections. When I ran dmesg, I found the following line repeating over and over: ip_conntrack: table full, dropping packet I’d seen this message before, but I headed over to Red Hat’s site for more details. It turns out that the server was running iptables, but it was under a very heavy load and also handling a high volume of network connections. Generally, the ip_conntrack_max is set to the total MB of RAM installed multiplied by 16. However, this server had 4GB of RAM, but ip_conntrack_max was set to 65536: # cat /proc/sys/net/ipv4/ip_conntrack_max 65536 I logged into another server with 1GB of RAM (RHES 5, 32-bit) and another with 2GB of RAM (RHES 4, 64-bit), and both had ip_conntrack_max set to 65536. I’m not sure if this is a known Red Hat issue, or if it’s just set to a standard value out of the box. If you want to check your server’s current tracked connections, just run the following: # cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count If you want to adjust it (as I did), just run the following as root: # echo 131072 > /proc/sys/net/ipv4/ip_conntrack_max Src:https://major.io/2008/01/24/ip_conntrack-table-full-dropping-packet/ Related Administrations Collected Articles Configurations (Linux) CentOS
Creating a Certificate Signing Request Using Certreq.exe April 6, 2013 Create a file named CSRParameters.inf on the C:\ drive using the contents below as a template (replace the single quotes with double quotes): [NewRequest] Subject="CN=mailgw.mango.com.bd,OU=IIG,O=Mango Teleservices Limited,S=Not Applicable,L=Dhaka,C=BD" KeySpec=1 KeyLength=2048 Exportable=TRUE MachineKeySet=TRUE SMIME=False PrivateKeyArchive=FALSE UserProtected=FALSE UseExistingKeySet=FALSE ProviderName="Microsoft RSA SChannel Cryptographic Provider" ProviderType=12 RequestType=PKCS10 KeyUsage=0xa0 Silent=TRUE [EnhancedKeyUsageExtension] OID=1.3.6.1.5.5.7.3.1 Open a command… Read More
Simple way to tune apache performance using mpm prefork module April 19, 2017 There could be many reasons why your website performance is poor, one of them can possibly be that Apache is not coping with the load. Below you’ll find ready to consume configuration to make Apache performance better using the Apache MPM prefork module. To do this, just include the below… Read More
Enable Password based authenticaiton in OCI compute instance May 13, 2023 If you want to use a password to access the SSH server, a solution for fixing the Permission denied error is to enable password login in the sshd_config file. To do this, open the file in a text editor. This example uses the nano editor: sudo nano /etc/ssh/sshd_config In the file, find… Read More