Veteran Member
Posts: 16,738
Registered: ‎06-23-2010
Kudos: 5290
Solutions: 78

ConnTracking Large Number of Sessions

[ Edited ]

Any recommendations for an ER-Pro that will have possibly hundreds of thousands of connections going through it for NAT?

Currently I have 14,990 entries... at peak I've seen this as high as 18,000.  Any tweaks to make this work right?  In the past I've seen it lock up (no traffic passed until - I assume, conntracks cleared).

 

Veteran Member
Posts: 16,738
Registered: ‎06-23-2010
Kudos: 5290
Solutions: 78

Re: ConnTracking Large Number of Sessions

Now at 17,000 entries things seem to be beginning to slow down.
Emerging Member
Posts: 67
Registered: ‎11-10-2011
Kudos: 15
Solutions: 1

Re: ConnTracking Large Number of Sessions

Highlighted
Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5474
Solutions: 1656
Contributions: 2

Re: ConnTracking Large Number of Sessions

If you haven't tweaked any of the  "system conntrack" settings, you can try those, for example, "set system conntrack table-size 262144". There are also "hash-size" (default might be fine) and "expect-table-size".