Question


How can I increase my ip_conntrack_max?


Environment


All OnApp versions


Answer


To increase ip_conntrack_max:

  1. Check the current ip_conntrack_max:

    # cat /proc/sys/net/ipv4/ip_conntrack_max 
    
    655360
    
    # cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
    
    655360
    CODE
  2. To alter this value, add the following line to /etc/sysctl.conf:

    net.ipv4.netfilter.ip_conntrack_max = "XXXXXX" (Replacing XXXXXX with the new value you wish to use)
    
    Use 'sysctl -p' to set the new value or reboot the HV if there are no running VMs
    CODE

For KVM CloudBoot compute resources:

  1. Use the following:

    sysctl net.netfilter.nf_conntrack_max
    
    sysctl net.netfilter.nf_conntrack_count
    CODE

    Please note that such commands do not persist after rebooting. To ensure the conntrack setting is correct on each boot of a CloudBoot compute resource, the command must be added to the custom config for the compute resource.

  2. Set the new value:

    sysctl -w net.netfilter.nf_conntrack_max=xxxxxxx
    CODE