How to change netfilter parameters?
As of version 4.9.0, VMmanager automatically changes the settings of the netfilter built-in firewall when a new cluster node is connected. In particular, VMmanager increases the values of net.nf_conntrack_max and net.netfilter.nf_conntrack_max parameters controlling the maximum number of network connections to 1048576. This helps to avoid errors similar to nf_conntrack: table full, dropping packet causing the loss of network packets.
To change these parameters on the connected cluster nodes manually:
- Connect to the server with VMmanager via SSH.
Enable ip_conntrack module:
Set the new value of the parameter net.netfilter.nf_conntrack_max. We recommend to increase that value to 1048576:
To apply the settings, execute the command:
Check that the parameters have been changed:
The response to the command should look as follows: