Comment on Resolving “nf_conntrack: table full, dropping packet.” flood message in dmesg Linux kernel log by Christian.
Hi,
thank you very much for this article. I had many packet drop messages on my router and raising values has helped me a lot. Do you know, where hashsize and nf_conntrack_max has its limits?
My router is a cluster that synchronizes connection tracking tables. So I guess I still need the conntrack modules even the system is pure routing, right? I sync the tables so connection can still continue even on cluster node switch.
What I don’t know is, at which point raising the max and hash sizes become a problem.
Thanks
Christian