* Changing the ip_ct_tcp_timeout_established value
@ 2005-03-24 9:23 Björn Eberth
0 siblings, 0 replies; 2+ messages in thread
From: Björn Eberth @ 2005-03-24 9:23 UTC (permalink / raw)
To: netfilter
Hi there,
the default value for "ip_conntrack_tcp_timeout_established" is set to 5 days.
My problem is, that after about 2 days of using a filesharing client the ip_conntrack table runs full.
Im using a dial-up connection with 24 hours reconnect.
So my question is: Could i run into problems, if i set this value to 24 hours or something like this?
Regards
Bjoern
______________________________________________________________
Verschicken Sie romantische, coole und witzige Bilder per SMS!
Jetzt bei WEB.DE FreeMail: http://f.web.de/?mc=021193
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Changing the ip_ct_tcp_timeout_established value
@ 2005-03-29 19:54 Björn Eberth
0 siblings, 0 replies; 2+ messages in thread
From: Björn Eberth @ 2005-03-29 19:54 UTC (permalink / raw)
To: netfilter
Hi there,
thx for the answer, but it seems as this doesnt fix my problem.
It seems as if the value in "ip_conntrack_tcp_timeout_established" isnt interpreted, cause i see lots of entries like this in the ip_conntrack table:
tcp 6 231752 ESTABLISHED src=yyy.yyy.yyy.yyy dst=xxx.xxx.xxx.xxx sport=3139 dport=6881 src=xxx.xxx.xxx.xxx dst=zzz.zzz.zzz.zzz sport=6881 dport=3139 [ASSURED] use=1
The third field is the timeout value i think? So this would be 231752 seconds, which is much larger then the value in ip_conntrack_tcp_timeout_established.
Im running a 2.4.27 kernel with iptables 1.2.11. Is the value ignored in this versions by design?
Any advices?
Regards
Bjoern
Moritz Gartenmeister <moritz@uplink-verein.ch> schrieb am 27.03.05 19:36:21:
>
> hi bjoern
>
> i changed this value to ten minutes. this reduced the ip_conntrack_count from 8000 to 3000 and it
> saves memory.
>
> i don't notice any problems. it's possible that if you are using connections without keepalive
> function, that they will probably suffer. but i assume, that connections without traffic for ten
> minutes are anormal closed.
>
> regards
> moritz
>
> Björn Eberth wrote:
> > Hi there,
> >
> > the default value for "ip_conntrack_tcp_timeout_established" is set to 5 days.
> > My problem is, that after about 2 days of using a filesharing client the ip_conntrack table runs full.
> > Im using a dial-up connection with 24 hours reconnect.
> > So my question is: Could i run into problems, if i set this value to 24 hours or something like this?
> >
> > Regards
> > Bjoern
> >
> >
______________________________________________________________
Verschicken Sie romantische, coole und witzige Bilder per SMS!
Jetzt bei WEB.DE FreeMail: http://f.web.de/?mc=021193
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2005-03-29 19:54 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-03-24 9:23 Changing the ip_ct_tcp_timeout_established value Björn Eberth
-- strict thread matches above, loose matches on Subject: below --
2005-03-29 19:54 Björn Eberth
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.