Apache connections dropped by Haproxy

Many times on RHEL, haproxy is not reliable it gives an errors while connecting to apache backend, at that time it logs the following errors into /var/log/messages

kernel: ip_conntrack: table full, dropping packet

this is related to ip_conntrack kernel module.

If found this error message into /var/log/messages need to apply following steps

ip_conntrack_max table full dropping packets

If you notice the above message in syslog, it looks like the conntrack database doesn’t have enough entries for your environment. Connection tracking by default handles up to a certain number of simultaneous connections. This number is dependent on you system’s maximum memory size.

Some symptoms can be: