Issue
Packet drops on this system for connections using ip_conntrack
or nf_conntrack
. Following messages seen in /var/log/kern
on the centos nodes when one of the instances drops packets:
This can happen when you are being attacked, or is also very likely to happen on a busy server even if there is no malicious activity.
NOTE: By default, CentOS will set this maximum to 65,536 connections. This is enough for lightly loaded servers, but can easily be exhausted on heavy traffic servers.
How to Fix
View the current maximum configured connections
To see the current used connections
Increase maximum configured connections limit