Portal Home > Knowledgebase > Articles Database > Increase nf_conntrack value


Increase nf_conntrack value




Posted by c00kie, 07-10-2007, 08:33 AM
Hey guys, sorry to bother you with this newbie question (maybe?), but i'm pissed off right now.. can't find any good information on google. I want to edit the nf_conntrack value 'cause I'm being DDoSed and my /var/log/messages says nf_conntrack is full... I know how ip_conntrack can be modified.. but I can't figure out how to edit nf_conntrack (installed FC 7...) Thanks alot guys ps: if there are any additional settings i must edit on apf to work with nf_conntrack please warn me about it. Last edited by c00kie; 07-10-2007 at 08:34 AM. Reason: ps

Posted by bornforlamp, 07-10-2007, 09:40 AM
It seems to be a bug in kernel you are using, turn off hardware checksum offload and those messages will not appear.

Posted by bornforlamp, 07-10-2007, 09:42 AM
Also try to upgrade kernel on server , that may fix your issue

Posted by c00kie, 07-10-2007, 09:42 AM
Dude, I'm DDoSed and my conntrack is full, how DO I EDIT THE nf_conntrack value to a bigger one... do you understand me?

Posted by bornforlamp, 07-10-2007, 10:04 AM
Well if you are DDoSed why dont you use APF and antidos module in apf ? that may resolve DDoS issue ..

Posted by c00kie, 07-10-2007, 03:43 PM
Dude, I'm using it... nvm that... what i need to know is HOW DO YOU EDIT THE nf_conntrack value since its 65... ( I NEED A BIGGER VALUE, like 512000 ) Thank you very much.

Posted by jon-f, 07-10-2007, 04:12 PM
you could have easily found it in google, most of what you have to edit is in /proc/sys/net/ipv4/ Here is all you need to know http://www.wallfire.org/misc/netfilt...track_perf.txt Its not gonna help you though if its consuming your pipe. If its dropping packets because of syn_backlog or contrack apache or most other services couldnt handle the requests anyway Oh yeah, if you are ever on efnet come in #cpanel and look for rfxn, he is an expert on this stuff. I do know you can set some of that stuff wrong or too high and it mess some things up so I would definetly read up on it if I was you. Last edited by jon-f; 07-10-2007 at 04:16 PM.



Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
Overselling Questions (Views: 310)
MYSQL (Views: 294)