WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Xen-users] ip conntrack table full

from [Mike McGrath] [Permanent Link][Original]
To: James Harper <james.harper@xxxxxxxxxxxxxxxx>
Subject: RE: [Xen-users] ip conntrack table full
From: Mike McGrath <mmcgrath@xxxxxxxxxx>
Date: Sun, 24 Jan 2010 17:47:11 -0600 (CST)
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Sun, 24 Jan 2010 15:48:24 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <AEC6C66638C05B468B556EA548C1A77D01898CE9@trantor>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <alpine.LFD.2.00.1001241728170.16075@xxxxxxxxxxxxxxxxxxx> <AEC6C66638C05B468B556EA548C1A77D01898CE9@trantor>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Alpine 2.00 (LFD 1167 2008-08-23) 
On Mon, 25 Jan 2010, James Harper wrote:

> >
> > xen-3.0.3-94.el5_4.2
> > 2.6.18-164.6.1.el5xen
> > RHEL5.4 x86_64
> >
> > I've got a dom0 that does nothing but have a DomU created.  The DomU
> gets
> > plenty of load.  Over time, the dom0's ipconntrack table fills up but
> not
> > the DomU.  Once it gets full I can restart iptables and it's fine.
> >
> > The strange thing is this only happens on hosts I have provided
> (hardware
> > and hosting) from one location.  I'm not really sure what kind of
> boxes
> > they are or if the architecture is a red herring.
> >
> > I sure would like to know what is going on, the network setup is
> bridged
> > but the dom0 is the domU's gateway host (don't ask why I'm doing both)
> >
> > Any thoughts?
> >
>
> 'cat /proc/net/ip_conntrack' will tell you what's in the conntrack
> database. Have a look in there and see if it's what you expect...
>

net.ipv4.netfilter.ip_conntrack_count = 65536
net.ipv4.netfilter.ip_conntrack_max = 65536

Being full that's what I'd expect, what I don't understand is why they're
filling up.

        -Mike

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Xen-users] ip conntrack table full, James Harper
Next by Date:  RE: [Xen-users] ip conntrack table full, James Harper
Previous by Thread:  RE: [Xen-users] ip conntrack table full, James Harper
Next by Thread:  RE: [Xen-users] ip conntrack table full, James Harper
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy