We have a CCR1072 running on the latest version 6.48.6 longterm release.
This router function as a core router for our network and does both routing and natting. It maybe that we experience some slow DoS attacks as sometimes the connection tracking total-entries goes past 1000 000 entries. During normal operation the total-entries is around 600 000.
Once the total-entries reaches the max-entries of 1048 576 then the router starts dropping packets and become unresponsive. According to information found on the forums the max-entries values is supposed to automatically increase if the router has RAM available. Seeing as this is a CCR1072 there should not be an issue with RAM or CPU.
What should we do here to avoid this situation?
Can the Router increase past 1048 576 max-entries or is this the maximum limit?
Would appreciate any inputs here.