| IP Conntrack /DST Cache Overflow issue [message #50797] |
Mon, 04 November 2013 21:24  |
KevinH
Messages: 2
Registered: November 2013
Location: Maryland
|
Junior Member |
|
|
My network slowly experinces slowness, intill it eventually dies off. And i am hoping someone that has had this problem could help:
Kernel: 2.6.18-348.4.1.el5.028stab107.1
OS: CentOS release 5.8 (Final)
Nov 3 07:41:18 909I7 kernel: process `sysctl' is using deprecated sysctl (sysc$
Nov 3 09:36:09 909I7 kernel: Fatal resource shortage: privvmpages, UB 167.
Nov 3 09:36:09 909I7 last message repeated 3 times
Nov 3 21:05:01 909I7 auditd[8428]: Audit daemon rotating log files
Nov 4 00:18:56 909I7 kernel: ip_conntrack: CT 102: table full, dropping packet.
Nov 4 00:18:58 909I7 last message repeated 9 times
Nov 4 00:19:01 909I7 kernel: printk: 2 messages suppressed.
Nov 4 00:18:58 909I7 last message repeated 9 times
Nov 4 00:19:01 909I7 kernel: printk: 2 messages suppressed.
Nov 4 00:19:01 909I7 kernel: Route hash chain too long!
Nov 4 00:19:01 909I7 kernel: Adjust your secret_interval!
Nov 4 00:19:06 909I7 kernel: printk: 11 messages suppressed.
Nov 4 00:19:06 909I7 kernel: Route hash chain too long!
Nov 4 00:19:06 909I7 kernel: Adjust your secret_interval!
Nov 4 00:19:11 909I7 kernel: printk: 9 messages suppressed.
Nov 4 00:19:11 909I7 kernel: ip_conntrack: CT 102: table full, dropping packet.
Nov 4 00:19:13 909I7 kernel: venet0: 5 rebuilds is over limit, route caching d$
Nov 4 00:19:16 909I7 kernel: printk: 15 messages suppressed.
Nov 4 00:19:16 909I7 kernel: ip_conntrack: CT 102: table full, dropping packet.
Nov 4 00:19:21 909I7 kernel: printk: 13 messages suppressed.
Nov 4 00:19:21 909I7 kernel: ip_conntrack: CT 102: table full, dropping packet.
Nov 4 00:19:26 909I7 kernel: printk: 3 messages suppressed.
Nov 4 00:19:26 909I7 kernel: ip_conntrack: CT 102: table full, dropping packet.
Nov 4 00:19:31 909I7 kernel: printk: 5 messages suppressed.
Nov 4 00:19:31 909I7 kernel: ip_conntrack: CT 102: table full, dropping packet.
Nov 4 00:19:36 909I7 kernel: printk: 6 messages suppressed.
Nov 4 00:19:36 909I7 kernel: ip_conntrack: CT 102: table full, dropping packet.
Nov 4 00:19:41 909I7 kernel: printk: 6 messages suppressed.
Nov 4 00:19:41 909I7 kernel: ip_conntrack: CT 102: table full, dropping packet.
Nov 4 00:19:46 909I7 kernel: printk: 7 messages suppressed.
Nov 4 00:19:46 909I7 kernel: ip_conntrack: CT 102: table full, dropping packet.
It will then slowly DST Cache overflow.
At this point, i am a tad lost on what to do.
here is the sysctl.conf file:
net.ipv4.ip_forward = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
kernel.panic = 10
net.ipv4.tcp_mem = 786432 1048576 1572864
net.ipv4.netfilter.ip_conntrack_max=196608
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_no_metrics_save=1
net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv = 5
net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 600
net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent = 15
net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 3
net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 3
net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 3
net.ipv4.route.gc_thresh = 131072
Any help to fix this so it stops the crashes and slowness, is greatly helpful.
Thanks,
Kevin Hammett
|
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
