Your server might be seeing a large number of
nf_conntrack: table full, dropping packet
This indicates that there are a large number of connections that are coming into the server.
The default maximum nf_conntrack_max value for CentOS is 65536.
While this is normally OK for a lightly used server, servers that experience a heavy amount of traffic may need to increase this value.
You may need to temporarily or permanently increase this value. You should consult with a qualified systems administrator before making these changes.
Check how many active connections are being tracked.
Check the current max value of nf_conntrack
Change the value temporarily to something higher (please note, that increasing this number will likely increase the system resource usage and load as it will be handling more connections at a time)
echo 524288 > /proc/sys/net/netfilter/nf_conntrack_max
To make this change permanent, please add the following line to the end /etc/sysctl.conf
net.netfilter.nf_conntrack_max = 524288
To help lessen the issues with a large number of connections, you may want to consider reducing the amount of time the server waits until it closes/timeouts the connections.
To do this, add the following lines to the end /etc/sysctl.conf
net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60 net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 60 net.netfilter.nf_conntrack_tcp_timeout_time_wait = 60
If you do not have access to a system administrator, we have a list that may be able to help