快中午了,开发那边反应121.14.11.38在操作机上ping严重丢包,我在我机器上ping一下,果然如此,之后我在操作机上traceroute 121.14.11.38,
traceroute 121.14.11.38
traceroute to 121.14.11.38 (121.14.11.38), 30 hops max, 38 byte packets
1 10.20.220.1 (10.20.220.1) 2.026 ms 1.704 ms 1.629 ms
2 10.20.254.233 (10.20.254.233) 0.282 ms 0.523 ms 0.184 ms
3 125.89.65.193 (125.89.65.193) 6.973 ms 2.426 ms 6.525 ms
4 125.89.65.253 (125.89.65.253) 2.378 ms 1.375 ms 1.234 ms
5 59.38.16.113 (59.38.16.113) 0.782 ms 1.077 ms 0.735 ms
6 183.59.0.162 (183.59.0.162) 10.617 ms 2.822 ms 3.031 ms
7 183.59.1.70 (183.59.1.70) 5.423 ms 5.378 ms 5.173 ms
8 113.108.208.138 (113.108.208.138) 44.840 ms 8.560 ms 8.724 ms
9 113.108.209.58 (113.108.209.58) 8.716 ms 8.712 ms 9.021 ms
10 58.63.232.234 (58.63.232.234) 7.771 ms 8.417 ms 7.600 ms
11 121.14.11.38 (121.14.11.38) 11.056 ms !<10> 60.263 ms !<10> 20.201 ms !<10>
再traceroute 121.14.11.163(同一个机房的)
traceroute 121.14.11.163
traceroute to 121.14.11.163 (121.14.11.163), 30 hops max, 38 byte packets
1 10.20.220.1 (10.20.220.1) 1.699 ms 2.776 ms 1.762 ms
2 10.20.254.233 (10.20.254.233) 0.352 ms 0.336 ms 0.239 ms
3 125.89.65.193 (125.89.65.193) 2.540 ms 2.491 ms 9.811 ms
4 125.89.65.253 (125.89.65.253) 1.748 ms 1.328 ms 1.163 ms
5 59.38.16.109 (59.38.16.109) 0.978 ms 1.095 ms 1.050 ms
6 183.59.0.158 (183.59.0.158) 3.148 ms 3.171 ms 3.256 ms
7 183.59.1.214 (183.59.1.214) 4.212 ms 4.255 ms 4.183 ms
8 113.108.208.114 (113.108.208.114) 8.822 ms 8.707 ms 8.697 ms
9 113.108.209.58 (113.108.209.58) 8.678 ms 8.918 ms 15.506 ms
10 58.63.232.234 (58.63.232.234) 8.174 ms 7.966 ms 8.001 ms
11 121.14.11.163 (121.14.11.163) 8.048 ms 8.021 ms 7.921 ms
大概定位问题在121.14.11.38本身上,我尝试ssh上去看看,登了好久才登上去,
我tail /var/log/messages一看
Feb 16 12:07:59 localhost kernel: ip_conntrack: table full, dropping packet.
Feb 16 12:08:04 localhost kernel: printk: 38 messages suppressed.
Feb 16 12:08:04 localhost kernel: ip_conntrack: table full, dropping packet.
Feb 16 12:08:09 localhost kernel: printk: 65 messages suppressed.
Feb 16 12:08:09 localhost kernel: ip_conntrack: table full, dropping packet.
Feb 16 12:08:14 localhost kernel: printk: 114 messages suppressed.
Feb 16 12:08:14 localhost kernel: ip_conntrack: table full, dropping packet.
Feb 16 12:08:19 localhost kernel: printk: 214 messages suppressed.
Feb 16 12:08:19 localhost kernel: ip_conntrack: table full, dropping packet.
Feb 16 12:18:10 localhost kernel: printk: 50 messages suppressed.
再 cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count
1226753
哇,这么高,因为之前也遇到过这样的问题,需要在sysct.conf文件中加net.ipv4.ip_conntrack_max=131072这一条 来控制,我vi /etc/sysctl.conf一看,原来没有这条参数,赶快加上,至于这个值的大小是这么定的,网上是这样说的:这个值的大小是有机器的内存决定 的,65536是1G内存的大小,如果你的内存不止1G,那么设置的数值大小就是65536的倍数。2G是131072,4G是262144。数值可以比 当前内存可设置的最大值小,但是不能超过最大值,要不然设置之后是不生效的。
2 10.20.254.233 (10.20.254.233) 0.282 ms 0.523 ms 0.184 ms
3 125.89.65.193 (125.89.65.193) 6.973 ms 2.426 ms 6.525 ms
4 125.89.65.253 (125.89.65.253) 2.378 ms 1.375 ms 1.234 ms
5 59.38.16.113 (59.38.16.113) 0.782 ms 1.077 ms 0.735 ms
6 183.59.0.162 (183.59.0.162) 10.617 ms 2.822 ms 3.031 ms
7 183.59.1.70 (183.59.1.70) 5.423 ms 5.378 ms 5.173 ms
8 113.108.208.138 (113.108.208.138) 44.840 ms 8.560 ms 8.724 ms
9 113.108.209.58 (113.108.209.58) 8.716 ms 8.712 ms 9.021 ms
10 58.63.232.234 (58.63.232.234) 7.771 ms 8.417 ms 7.600 ms
11 121.14.11.38 (121.14.11.38) 11.056 ms !<10> 60.263 ms !<10> 20.201 ms !<10>
再traceroute 121.14.11.163(同一个机房的)
traceroute 121.14.11.163
traceroute to 121.14.11.163 (121.14.11.163), 30 hops max, 38 byte packets
1 10.20.220.1 (10.20.220.1) 1.699 ms 2.776 ms 1.762 ms
2 10.20.254.233 (10.20.254.233) 0.352 ms 0.336 ms 0.239 ms
3 125.89.65.193 (125.89.65.193) 2.540 ms 2.491 ms 9.811 ms
4 125.89.65.253 (125.89.65.253) 1.748 ms 1.328 ms 1.163 ms
5 59.38.16.109 (59.38.16.109) 0.978 ms 1.095 ms 1.050 ms
6 183.59.0.158 (183.59.0.158) 3.148 ms 3.171 ms 3.256 ms
7 183.59.1.214 (183.59.1.214) 4.212 ms 4.255 ms 4.183 ms
8 113.108.208.114 (113.108.208.114) 8.822 ms 8.707 ms 8.697 ms
9 113.108.209.58 (113.108.209.58) 8.678 ms 8.918 ms 15.506 ms
10 58.63.232.234 (58.63.232.234) 8.174 ms 7.966 ms 8.001 ms
11 121.14.11.163 (121.14.11.163) 8.048 ms 8.021 ms 7.921 ms
大概定位问题在121.14.11.38本身上,我尝试ssh上去看看,登了好久才登上去,
我tail /var/log/messages一看
Feb 16 12:07:59 localhost kernel: ip_conntrack: table full, dropping packet.
Feb 16 12:08:04 localhost kernel: printk: 38 messages suppressed.
Feb 16 12:08:04 localhost kernel: ip_conntrack: table full, dropping packet.
Feb 16 12:08:09 localhost kernel: printk: 65 messages suppressed.
Feb 16 12:08:09 localhost kernel: ip_conntrack: table full, dropping packet.
Feb 16 12:08:14 localhost kernel: printk: 114 messages suppressed.
Feb 16 12:08:14 localhost kernel: ip_conntrack: table full, dropping packet.
Feb 16 12:08:19 localhost kernel: printk: 214 messages suppressed.
Feb 16 12:08:19 localhost kernel: ip_conntrack: table full, dropping packet.
Feb 16 12:18:10 localhost kernel: printk: 50 messages suppressed.
再 cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count
1226753
哇,这么高,因为之前也遇到过这样的问题,需要在sysct.conf文件中加net.ipv4.ip_conntrack_max=131072这一条 来控制,我vi /etc/sysctl.conf一看,原来没有这条参数,赶快加上,至于这个值的大小是这么定的,网上是这样说的:这个值的大小是有机器的内存决定 的,65536是1G内存的大小,如果你的内存不止1G,那么设置的数值大小就是65536的倍数。2G是131072,4G是262144。数值可以比 当前内存可设置的最大值小,但是不能超过最大值,要不然设置之后是不生效的。
转载于:https://blog.51cto.com/navyaijm/809463
4396
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
