Hacker News new | ask | show | jobs
by the8472 1512 days ago 

   net.netfilter.nf_conntrack_buckets = 1966050
   net.netfilter.nf_conntrack_max = 7864200
or avoid conntrack entirely
1 comments
LinuxBender 1512 days ago
For completeness sake I would add that one must also set

  options nf_conntrack expect_hashsize=X hashsize=X
in /etc/modules.d/nf_conntrack.conf, X being 1/4 the size of conntrack_max
link