Xen project Mailing List

RE: [Xen-users] ip conntrack table full

To: James Harper <james.harper@xxxxxxxxxxxxxxxx>

From: Mike McGrath <mmcgrath@xxxxxxxxxx>

Date: Sun, 24 Jan 2010 17:47:11 -0600 (CST)

Delivery-date: Sun, 24 Jan 2010 15:48:24 -0800

List-id: Xen user discussion <xen-users.lists.xensource.com>

On Mon, 25 Jan 2010, James Harper wrote: > > > > xen-3.0.3-94.el5_4.2 > > 2.6.18-164.6.1.el5xen > > RHEL5.4 x86_64 > > > > I've got a dom0 that does nothing but have a DomU created. The DomU > gets > > plenty of load. Over time, the dom0's ipconntrack table fills up but > not > > the DomU. Once it gets full I can restart iptables and it's fine. > > > > The strange thing is this only happens on hosts I have provided > (hardware > > and hosting) from one location. I'm not really sure what kind of > boxes > > they are or if the architecture is a red herring. > > > > I sure would like to know what is going on, the network setup is > bridged > > but the dom0 is the domU's gateway host (don't ask why I'm doing both) > > > > Any thoughts? > > > > 'cat /proc/net/ip_conntrack' will tell you what's in the conntrack > database. Have a look in there and see if it's what you expect... > net.ipv4.netfilter.ip_conntrack_count = 65536 net.ipv4.netfilter.ip_conntrack_max = 65536 Being full that's what I'd expect, what I don't understand is why they're filling up. -Mike _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.