Hi Eliezer,
Thanks for you answer:
> well this is one of the big problems of the conntrack thingy..
> what you can try is to also to change the tcp to:
> sysctl net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=3600
> cause it might causing the problem of such a huge ammount of connection
> tracking size.
> the basic size is 120 minutes which can cause a lot of troubles in many
cases
> of open connections.
> and by the way.. do you really have 155K connections? it seems like too
> much.
>
> hope to hear more about the situation.
>
> Regards Eliezer
[Nataniel Klug] So Eliezer, I don't think I have 155k connections. Most of
them are FIN_WAIT1 (about 35~45k). I have 1000 pppoe clients behind this
squid box so even if each of them had 50 connections, I would have 50k. I
think closing really fast can solve the problem. I set it to close on 5
minutes and I will make a try right now.
Att,
Nataniel Klug
Received on Fri Nov 18 2011 - 10:22:17 MST
This archive was generated by hypermail 2.2.0 : Fri Nov 18 2011 - 12:00:03 MST