Nginx setting up >25.000 concurrent connections per second

Dennis Jacobfeuerborn dennisml at conversis.de
Fri Oct 7 11:19:45 UTC 2011


On 10/07/2011 12:44 PM, Bradley Falzon wrote:
> On Fri, Oct 7, 2011 at 5:14 PM, atadmin <nginx-forum at nginx.us
> <mailto:nginx-forum at nginx.us>> wrote:
>
>     I tested with this flag enable and disables and the result is the same,
>     now is disables because was the las test. Iptables is not enabled for
>     the test.
>
>
> Just confirming you actively removed the nf_conntrack modules. My boxes
> have logged conntrack rules warnings in syslog, so if you're not seeing
> them, then it's probably not your problem anyway.
>
> My box with connection track is still tracking even though my iptables is
> stopped:
> [root at bf1 ~]# service iptables stop
> iptables: Flushing firewall rules:                         [  OK  ]
> iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
> iptables: Unloading modules:                               [  OK  ]
> [root at bf1 ~]# lsmod | grep nf_conn
> nf_conntrack_ipv6      19655  2
> nf_conntrack           79643  2 nf_conntrack_ipv6,xt_state
> ipv6                  321509  28 ip6t_REJECT,nf_conntrack_ipv6
> [root at bf1 ~]# cat /proc/sys/net/netfilter/nf_conntrack_count
> 2

Given the ipv6 references above have you also done a "service ip6tables stop"?

Regards,
   Dennis



More information about the nginx mailing list