OpenWrt Forum Archive

Topic: kern.warn kernel: nf_conntrack: expectation table full ?

The content of this topic has been archived on 31 Mar 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hi, I now and then reach some kind of limit for network connections and I can't find out what's causing it.

I have a NAS, some iPhones, 2 Windows PCs and a handful of SIP phones behind the fw (WNDR3700).

No torrents or any other file sharing that I'm aware of :) and as far as I know it should be a low traffic connection.

I'm running arok's build on an extroot USB stick since like a year ago and it has performed beautifully until now...

Linux OpenWrt 2.6.37.6 #2 Tue Mar 29 14:30:12 CEST 2011 mips GNU/Linux

Feb  3 13:02:16 OpenWrt kern.notice kernel: nf_ct_sip: dropping packetIN= OUT=eth1 SRC=77.53.153.53 DST=79.138.0.98 LEN=625 TOS=0x00 PREC=0x00 TTL=63 ID=10636 PROTO=UDP SPT=59405 DPT=5060 LEN=605
Feb  3 13:02:16 OpenWrt kern.warn kernel: nf_conntrack: expectation table full

Any hint where to begin?

Thanks in advance
a

Looks like your connection tracking table is full, I get this most often when using torrents. Stop your torrent client and the connections should eventually die out, or you can install conntrack-tools and flush the table or simply reboot.

OK, but I rebooted yesterday and the day before and I have no torrent clients running.

I guess I need to track the connections but I don't know how to use the tools you mentioned.

More help please
a

Thanks, I understand that. However I'm not there yet.
I can't find the tools?

root@OpenWrt /root# opkg list-installed|grep conn
iptables-mod-conntrack - 1.4.10-2
iptables-mod-conntrack-extra - 1.4.10-2
kmod-ipt-conntrack - 2.6.37.6-1
kmod-ipt-conntrack-extra - 2.6.37.6-1


root@OpenWrt /root# opkg list|grep conn
iptables-mod-conntrack - 1.4.10-2
iptables-mod-conntrack-extra - 1.4.10-2
kmod-ipt-conntrack - 2.6.37.6-1
kmod-ipt-conntrack-extra - 2.6.37.6-1

opkg update && opkg install conntrack-tools

Thanks, that did the trick!

However it doesn't seem to work all the way, I got
conntrack v1.0.0 (conntrack-tools): Can't open handler
from e.g. conntrack -L

The only thing giving some output is
conntrack -S
entries                 59     
searched                42358   
found                   957278 
new                     36043   
invalid                 5394   
ignore                  70911   
delete                  35986   
delete_list             5044   
insert                  5103   
insert_failed           0       
drop                    0       
early_drop              0       
icmp_error              2442   
expect_new              2       
expect_create           395     
expect_delete           391     
search_restart          0       

When entries goes over about 120 to 150 I receive the kernel warning on dropped packages.

I'm sniffing traffic but I can't see anything unusual or unexpected.

Any advice, can I raise the limit somewhere?
Thanks
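
Added example, not part of any post in this thread: shell functions that read `conntrack -S` text in the layout shown above and syslog lines in the format quoted earlier, then report outstanding expectations, "expectation table full" events and nf_ct_sip drops per source. The function names are hypothetical, the counter values are copied from the post, and the log lines are constructed with documentation addresses.

```shell
#!/bin/sh
# Added example (not from the thread): summarise conntrack expectation pressure.

# Counters in the `conntrack -S` layout shown in the post (values copied from it).
SAMPLE_STATS='entries                 59
invalid                 5394
expect_new              2
expect_create           395
expect_delete           391'

# Constructed syslog lines in the format quoted in the thread (documentation IPs).
SAMPLE_LOG='Feb  3 13:02:16 OpenWrt kern.notice kernel: nf_ct_sip: dropping packetIN= OUT=eth1 SRC=192.0.2.10 DST=198.51.100.5 LEN=625 PROTO=UDP SPT=59405 DPT=5060 LEN=605
Feb  3 13:02:16 OpenWrt kern.warn kernel: nf_conntrack: expectation table full
Feb  3 13:02:17 OpenWrt kern.notice kernel: nf_ct_sip: dropping packetIN= OUT=eth1 SRC=192.0.2.10 DST=198.51.100.5 LEN=625 PROTO=UDP SPT=59405 DPT=5060 LEN=605
Feb  3 13:02:17 OpenWrt kern.warn kernel: nf_conntrack: expectation table full
Feb  3 13:05:40 OpenWrt kern.notice kernel: nf_ct_sip: dropping packetIN= OUT=eth1 SRC=192.0.2.11 DST=198.51.100.5 LEN=611 PROTO=UDP SPT=5062 DPT=5060 LEN=591'

# Print one named counter from `conntrack -S` text on stdin.
stat_value() { awk -v k="$1" '$1 == k { print $2; exit }'; }

# Expectations still outstanding: created minus deleted (assumes no counter wrap).
live_expectations() {
    awk '$1 == "expect_create" { c = $2 }
         $1 == "expect_delete" { d = $2 }
         END { print c - d }'
}

# Number of "expectation table full" warnings in syslog text on stdin.
expect_full_count() { grep -c 'nf_conntrack: expectation table full'; }

# nf_ct_sip drops per source address as "count address", busiest first.
sip_drops_by_src() {
    awk '/nf_ct_sip: dropping packet/ {
             for (i = 1; i <= NF; i++)
                 if ($i ~ /^SRC=/) n[substr($i, 5)]++
         }
         END { for (s in n) print n[s], s }' | sort -rn
}

# Report on the samples; on a router, pipe `conntrack -S` and `logread` in instead.
echo "entries:            $(printf '%s\n' "$SAMPLE_STATS" | stat_value entries)"
echo "live expectations:  $(printf '%s\n' "$SAMPLE_STATS" | live_expectations)"
echo "table-full events:  $(printf '%s\n' "$SAMPLE_LOG" | expect_full_count)"
echo "SIP drops by source:"
printf '%s\n' "$SAMPLE_LOG" | sip_drops_by_src
# The limits to compare against live in /proc/sys/net/netfilter/:
# nf_conntrack_max (entries) and nf_conntrack_expect_max (expectations).
```
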

Hi, looks like the problem disappeared when I disabled UPnP.

All is well now.

a

The discussion might have continued from here.