Snawoot/conntrack_limits.md

Created January 1, 2025 13:05

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/Snawoot/235152c53e93546e0313ab59106e3611.js"></script>
Save Snawoot/235152c53e93546e0313ab59106e3611 to your computer and use it in GitHub Desktop.

Download ZIP

Raw

conntrack_limits.md

From LinuxBender @ HN

Create /etc/modprobe.d/nf_conntrack.conf:

options nf_conntrack expect_hashsize=256400 hashsize=256400

And then in /etc/sysctl.conf:

# from /etc/sysctl.conf: increase state table limits.
# Requires 1/4 mem to hash table plus 400 overhead because I am the cargo culting king:
# cat /etc/modprobe.d/nf_conntrack.conf
# options nf_conntrack expect_hashsize=256400 hashsize=256400
net.nf_conntrack_max = 1024000