Hi, Am 02.12.2014 um 09:13 schrieb Stefan Priebe - Profihost AG: > Hi, > > since starting to use pve firewall i had today the first time where VMs > and Host starts heavily in dropping packets. > > I'm only using IP and MAC filters. Nothing else. > > The kernel host log is full of: > > [1620408.606201] net_ratelimit: 462 callbacks suppressed > [1620408.606204] nf_conntrack: table full, dropping packet > > 1.) Where do we use nf_conntrack? > > 2.) Should PVE ship with a sysctl file raising the nf conntrack limits? > > On the host are only 19 VMs running. > > Greets, > Stefan
additionally i'm seeing a VM (don#t have access to that one using a lot of CPU via kernel process [vhost-13946]) Stefan _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
