From: Michael Gale <mgale@utilitran.com>
To: netfilter@lists.netfilter.org
Subject: Re: Leaky ip_conntrack_ftp in Red Hat kernels
Date: Fri, 12 Dec 2003 11:51:47 -0700 [thread overview]
Message-ID: <20031212115147.58d95778.mgale@utilitran.com> (raw)
In-Reply-To: <1071251376.6079.22.camel@smoogen1.lanl.gov>
Hello,
Why not use another distro ... one that does not all the stable running linux kernel.
Since this only seems to be a problem with RH ... who ... well lets face it.
May not be around much longer ...
Michael.
On Fri, 12 Dec 2003 10:49:36 -0700
Stephen Smoogen <smoogen@lanl.gov> wrote:
> I am working on tracking down a 'leak' in ip_conntrack_ftp in the RHL
> 7.x kernels that we are seeing on several FTP servers. The leak seems to
> occur with some servers that have automated cron jobs that get updates
> every hour. What happens is that as time goes on, we see a larger
> disconnect between /proc/slabinfo and /proc/net/ip_conntrack.
> ip_conntrack will state that it has only 2-4 entries in it, but the
> kernel will state that it has run out of entries and looking at the
> /proc/slabinfo we see it has filled up and isnt releasing any entries.
>
> By various testing of putting all the rules to ACCEPT and keeping the
> modules in, and then removing a module at a time, I have gotten it down
> to something in the ip_conntrack_ftp. Having the module in the system
> will eat up the standard number of entries within 20 hours. I am trying
> to figure out where to proceed next in order to help fix:
>
> 1) Try a recompiled kernel with POM-20030912 and see if it works?
> 2) Try some sort of flag to get more info?
> 3) Anything else?
>
> The kernel is Red Hat's patched 2.4.20-24.7
>
> Thanks (and thankyou all for your work).
>
> --
> Stephen John Smoogen smoogen@lanl.gov
> Los Alamos National Lab CCN-5 Sched 5/40 PH: 4-0645
> Ta-03 SM-1498 MailStop B255 DP 10S Los Alamos, NM 87545
> -- So shines a good deed in a weary world. = Willy Wonka --
>
>
--
Michael Gale
Network Administrator
Utilitran Corporation
next prev parent reply other threads:[~2003-12-12 18:51 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-12-12 17:49 Leaky ip_conntrack_ftp in Red Hat kernels Stephen Smoogen
2003-12-12 18:51 ` Michael Gale [this message]
2003-12-12 19:13 ` Stephen Smoogen
2003-12-12 19:44 ` Michael Gale
2003-12-12 20:31 ` Ramin Dousti
2003-12-12 19:31 ` Stephen Smoogen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20031212115147.58d95778.mgale@utilitran.com \
--to=mgale@utilitran.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.