> >>or dynamic value with number of vms ?) > > Maybe, allowing something like 32000 connections by vm, (350byte of > memory by connection, around 10mb) and net.netfilter.nf_conntrack_max = > numberofvms x 32000. What is the advantage of using dynamic value? You want to save RAM?