Where is the correct place to set net.netfilter.nf_conntrack_buckets?

centos6 sysctl conntrack nf-conntrack

I think that sysctl parameter is for viewing only. You'll want to use the /sys/module/nf_conntrack/parameters/hashsize interface for runtime changes, and the hashsize module option to set it during initial module load.

You'd want an entry in a /etc/modprobe.d/ file that looks something like this:

options nf_conntrack hashsize=XXXXX


Further to Andrew B's answer:

For some reason, the RHEL documentation recommends putting an executable shell script with a name like nf_conntrack_hashsize.modules extension into /etc/sysconfig/modules instead. I have no idea why. Contents would look like:

#!/bin/sh
exec /sbin/modprobe nf_conntrack hashsize=262144

You need to put a file called, for example, localhost inside /etc/modprobe.d/ directory.

Inside this file, add these lines (value is an example):

options nf_conntrack hashsize=333333

And now, the more quick solution is a restart, the other option is to try a reload the nf_conntrack kernel module, wich is a bit difficult because it's linked with others running modules.

Check the result with:

cat /sys/module/nf_conntrack/parameters/hashsize

Related

Are Linux cron Jobs each executed sequentially or in parallel?
Is there a way to log a per request unique id for nginx?
Logical volume attributes
Elasticsearch is using way too much disk space
Booting an EC2 instance from an existing EBS volume
docker-machine on an existing, "generic" host?
Why are connections in FIN_WAIT2 state not closed by the Linux kernel?
How to configure nginx + ssl with an encrypted key in .pem format
How do I find out what version of SMB is in use by each attached client to a Windows Server 2016?
Remove the Language Bar from the taskbar (WinXP)
How to view SQL Server licenses
How do I prevent GNU Screen from reseting my prompt? [closed]