Firewall Wizards mailing list archives
Re: Linux ARPD -- neighbor table overflow
From: "Paul D. Robertson" <paul () compuwar net>
Date: Thu, 18 Mar 2004 21:27:22 -0500 (EST)
On Thu, 18 Mar 2004, Jeff Adam wrote:
I have run into a problem recently with arp table size limitation in the Linux kernel. A bit of History I have been using the same box as a firewall for past couple of years and it has performed flawlessly Linux 2.4 / iptables but every couple of months the number of nodes on the LAN increases by 20 to 60 usually on the high end of that range we are already beyond 500 computers approaching 600 with plans to add 40 to 60 additional computers already being discussed. We have recently developed a problem with neighbor table overflows on the firewall during peak hours. I believe I have the problem repaired I recompiled the kernel with arpd support and netlink and installed arpd and made some changes in /proc Some other issues developed with arpd that were unexpected the problem is all of the documentation I found on arpd was rather dated including one written in 2001 that claimed the package (arpd) was far beyond abandoned by the upstream maintainer. im sure networks with more than 256 nodes are not that uncommon. My question is what experiences have other readers of the list had with this issue and what other solutions are there besides arpd for this issue.
[I don't know what the binary stuff was at the bottom of your message, that's what was forcing it to base-64- please fix it before responding.] Have you seen: http://www.spinics.net/lists/kernel/msg251771.html Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions paul () compuwar net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Linux ARPD -- neighbor table overflow Jeff Adam (Mar 18)
- Re: Linux ARPD -- neighbor table overflow Chris Doyle (Mar 18)
- Re: Linux ARPD -- neighbor table overflow Paul D. Robertson (Mar 18)