From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; Galeon) Gecko/20031030 Galeon/1.3.10 Description of problem: I have RH9 as a firewall behind my fr2.rpmfind.net mirror. ip_conntrack_ftp is loaded. Since my upgrade to RH9, I see these messages in my log : NET: 45 messages suppressed. ip_conntrack: table full, dropping packet. NET: 47 messages suppressed. And the network traffic slowly goes down to zero. The particulary of this problem is that the number of tracked connections reported by wc -l /proc/net/ip_conntrack is far below (~2500) the fixed limit in /proc/sys/net/ip_v4/ip_conntrack_max (65536). Due to a previous problem of the same kind, I added a MRTG graph showing the ip_conntrack counts. As you can see on http://bellet.info/~bellet/ip_conntrack.png, the problem occured around 18:00 -> 20:00. The total number of tracked connections continuously decreased during this period. As a workaround, I doubled the value of ip_conntrack_max (128K), and it's now working again. So it seems to me that expired tracked connections are someway not completely freeed. Version-Release number of selected component (if applicable): kernel-2.4.20-20.9 How reproducible: Sometimes Steps to Reproduce: 1. just wait for a few days of network activity. 2. 3. Additional info:
Thanks for the bug report. However, Red Hat no longer maintains this version of the product. Please upgrade to the latest version and open a new bug if the problem persists. The Fedora Legacy project (http://fedoralegacy.org/) maintains some older releases, and if you believe this bug is interesting to them, please report the problem in the bug tracker at: http://bugzilla.fedora.us/