Есть маршрутизатор: Linux lanrouter-phys 2.6.26-2-686 #1 SMP Sat Oct 17 17:59:23 UTC 2009 i686 GNU/LinuxВторой день подряд, в одно и тоже время (?), в ЧНН, количество записей conntrack начинает бурно вырастать, растет до предела (conntrackmax=1,572,864).
Потом все соединения обрываются, в messages сыпят строки "contrack full, dropping packets", все как обычно.
После все восстанавливается.
Логи conntrack во время "роста" есть, аномалий не видно.
Чего делать? Куда копать?
Лог действа вот (это мониторинг sysctl net.ipv4.netfilter.ip_conntrack_count):
2009-11-16 21:49:01 12% [######-------------------|-------------------------] 191,071/1,572,864
2009-11-16 21:50:01 11% [#####--------------------|-------------------------] 188,583/1,572,864
2009-11-16 21:51:01 11% [#####--------------------|-------------------------] 187,240/1,572,864
2009-11-16 21:52:01 11% [#####--------------------|-------------------------] 186,854/1,572,864
2009-11-16 21:53:01 12% [######-------------------|-------------------------] 190,532/1,572,864
2009-11-16 21:54:01 12% [######-------------------|-------------------------] 195,386/1,572,864
2009-11-16 21:55:01 12% [######-------------------|-------------------------] 190,845/1,572,864
2009-11-16 21:56:01 11% [#####--------------------|-------------------------] 186,737/1,572,864
2009-11-16 21:57:01 11% [#####--------------------|-------------------------] 188,384/1,572,864
2009-11-16 21:58:01 12% [######-------------------|-------------------------] 190,941/1,572,864
2009-11-16 21:59:01 12% [######-------------------|-------------------------] 191,795/1,572,864
2009-11-16 22:00:01 11% [#####--------------------|-------------------------] 185,116/1,572,864
2009-11-16 22:01:01 11% [#####--------------------|-------------------------] 187,386/1,572,864
2009-11-16 22:02:01 16% [########-----------------|-------------------------] 261,919/1,572,864
2009-11-16 22:03:01 23% [###########--------------|-------------------------] 362,662/1,572,864
2009-11-16 22:04:01 29% [##############-----------|-------------------------] 457,340/1,572,864
2009-11-16 22:05:01 34% [#################--------|-------------------------] 548,307/1,572,864
2009-11-16 22:06:01 40% [####################-----|-------------------------] 644,561/1,572,864
2009-11-16 22:07:01 47% [#######################--|-------------------------] 741,166/1,572,864
2009-11-16 22:08:01 53% [#########################|#------------------------] 843,800/1,572,864
2009-11-16 22:09:01 59% [#########################|####---------------------] 942,409/1,572,864
2009-11-16 22:10:02 66% [#########################|########-----------------] 1,039,855/1,572,864
2009-11-16 22:11:01 72% [#########################|###########--------------] 1,134,575/1,572,864
2009-11-16 22:12:01 78% [#########################|##############-----------] 1,232,366/1,572,864
2009-11-16 22:13:01 84% [#########################|#################--------] 1,331,127/1,572,864
2009-11-16 22:14:01 90% [#########################|####################-----] 1,430,858/1,572,864
2009-11-16 22:19:25 0% [-2009-11-16 22:19:25 0% [-------------------------------------------------|-|-------------------------------------------------] 12,163/1,572,864
] 12,163/1,572,864
2009-11-16 22:19:25 0% [-------------------------|-------------------------] 12,296/1,572,864
2009-11-16 22:19:25 0% [-------------------------|-------------------------] 12,352/1,572,864
2009-11-16 22:19:25 0% [-------------------------|-------------------------] 12,383/1,572,864
2009-11-16 22:20:01 5% [##-----------------------|-------------------------] 86,424/1,572,864
2009-11-16 22:21:01 7% [###----------------------|-------------------------] 121,620/1,572,864
2009-11-16 22:22:01 8% [####---------------------|-------------------------] 129,973/1,572,864
Версия для распечатки
Бурный рост conntrack под Linux, 
Rom1, 16-Ноя-09, 20:45 [смотреть все]
