Degraded Instance Connectivity: "nf_conntrack: table full, dropping packet

Problem

Following is observed in /var/log/syslog.

nf_conntrack: table full, dropping packet

Connections to/from instances (such as via a floating IP) may be degraded or timed out due to dropping packets.

Environment

Platform9 Managed OpenStack - All Versions
Ubuntu

Cause

For busier environments, the connections stemming from instances residing on the host may exceed the default connection tracking limit which is set based on the amount of RAM allocated to the hypervisor.

Resolution

Specify an increased max connection tracking size of 524288 in /etc/sysctl.d/65-nf-conntrack.conf.

# echo "net.netfilter.nf_conntrack_max=524288" > /etc/sysctl.d/65-nf-conntrack.conf

Load the file into memory.

# sysctl --load/etc/sysctl.d/65-nf-conntrack.conf

Additional Information

CERN - OpenStack in Production: Exceeding Tracked Connections

PreviousVMHA Indicator Does Not Appear in UI For All AZs NextHost Unable to Converge With Management Plane

Last updated 4 months ago

Good night

hashtagProblem

hashtagEnvironment

hashtagCause

hashtagResolution

hashtagAdditional Information

Problem

Environment

Cause

Resolution

Additional Information