It appears my router discovered ip_conntrack_max this weekend

I started to experience strange and unpredictable delays in HTTP traffic. At first, I thought it might be DNS or my specific box. After messing around on another box, it appeared to be a network-wide issue that needed to be resolved. ping kept failing with sendto: errors:

 PING edseek.com (207.36.208.156): 56 data bytes
 ping: sendto: Operation not permitted
 ping: wrote 207.36.208.156 64 chars, ret=-1

Fortunately, Google is your friend. I discovered that my ip_conntrack table was filling up. The Netfilter FAQ suggested a possible workaround. While the FAQ entry says you should only use odd numbers if you increase the number of hash buckets, that no longer seems to be true. The LEAF documentation points to a more detailed document explaining ip_conntrack_max and the ip_conntrack hashsize.

rebecca:~# cat /proc/net/ip_conntrack | wc -l
  10863
rebecca:~# cat /proc/sys/net/ipv4/ip_conntrack_max
16384
rebecca:~# echo 32768 > /proc/sys/net/ipv4/ip_conntrack_max
rebecca:~# cat /proc/sys/net/ipv4/ip_conntrack_max
32768

Well, actually, it was originally 8192 entries, but I fudged the numbers above so the output makes more sense, since the original error output is long gone. You only get 8192 entries by default with 128MB of RAM.
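The check I wish I had been running before the table filled up, as an added example (this is not code from the post, just a script written to illustrate it): it counts the entries in a conntrack dump, compares them with ip_conntrack_max and complains when usage crosses a threshold. The /proc paths are the ones used above; the 80% threshold is my assumption, and the sample conntrack lines are constructed so the script runs offline. Newer kernels expose the same numbers under /proc/sys/net/netfilter/ as nf_conntrack_count and nf_conntrack_max.

```shell
#!/bin/sh
# Added example, not part of the original post: warn before the conntrack
# table fills up and new connections start failing with
# "sendto: Operation not permitted".

# Count tracked connections in a conntrack dump (one entry per line).
count_entries() {
    wc -l < "$1" | tr -d ' '
}

# Percentage of the table in use, integer arithmetic.
usage_pct() {
    echo $(( $1 * 100 / $2 ))
}

# Return 0 if usage is below the threshold, 1 if ip_conntrack_max should be raised.
# Threshold defaults to 80% (an assumption, not a kernel value).
check_usage() {
    count=$1; max=$2; threshold=${3:-80}
    pct=$(usage_pct "$count" "$max")
    if [ "$pct" -ge "$threshold" ]; then
        echo "conntrack table ${pct}% full (${count}/${max}); consider raising ip_conntrack_max" >&2
        return 1
    fi
    echo "conntrack table ${pct}% full (${count}/${max})"
    return 0
}

# Live check against the real files from the post; returns 2 if they are absent.
live_check() {
    table=/proc/net/ip_conntrack
    maxfile=/proc/sys/net/ipv4/ip_conntrack_max
    if [ ! -r "$table" ] || [ ! -r "$maxfile" ]; then
        echo "conntrack proc files not present on this host" >&2
        return 2
    fi
    check_usage "$(count_entries "$table")" "$(cat "$maxfile")" 80
}

# Constructed sample dump in /proc/net/ip_conntrack format so the functions
# can be exercised offline (addresses are documentation ranges).
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
tcp      6 431999 ESTABLISHED src=192.0.2.10 dst=198.51.100.5 sport=40123 dport=80 src=198.51.100.5 dst=192.0.2.10 sport=80 dport=40123 [ASSURED] use=1
tcp      6 117 TIME_WAIT src=192.0.2.10 dst=198.51.100.5 sport=40124 dport=80 src=198.51.100.5 dst=192.0.2.10 sport=80 dport=40124 [ASSURED] use=1
udp      17 29 src=192.0.2.10 dst=192.0.2.1 sport=51000 dport=53 src=192.0.2.1 dst=192.0.2.10 sport=53 dport=51000 use=1
EOF

# Offline demonstration using the numbers from the post (10863 entries, max 16384).
check_usage 10863 16384 80
check_usage "$(count_entries "$SAMPLE")" 16384 80
```

Dropping the live_check call into cron and mailing its stderr gives a warning well before the "Operation not permitted" errors appear; raising ip_conntrack_max is then a planned change instead of a weekend surprise.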