[Bridge] Neighbour table overflow

Christopher E. Cramer chris.cramer at duke.edu
Tue Jan 4 12:30:53 PST 2005


we've had similar issues on a large scanning machine.  nothing like trying 
to keep 100,000 entries in your arp cache.

try the following (at least under redhat w/ 2.4 kernels):

echo 100000 > /proc/sys/net/ipv4/neigh/default/gc_thresh3

this will increase the max size of the neighbor table to 100000

-c

--
Christopher E. Cramer, Ph.D.
Information Technology Security Officer
Duke University,  Office of Information Technology


On Wed, 5 Jan 2005, WL Siew wrote:

> Hi,
> 
> I had successfully setup my bridge (br0) but after few minutes the br0 
> interface seems not working.
> 
> ifconfig eth0 0.0.0.0
> ifconfig eth5 0.0.0.0
> 
> brctl addbr br0
> 
> brctl addif br0 eth0
> brctl addif br0 eth5
> 
> brctl stp br0 on
> 
> I check on my system's /var/log/syslog file.  It shows something strange 
> messages as below: -
> 
> Jan  2 10:44:22 fw01 kernel: ipt_tcpmss_target: bad length (64 bytes)
> Jan  2 10:44:32 fw01 last message repeated 11 times
> Jan  2 12:27:08 fw01 kernel: Neighbour table overflow.
> Jan  2 12:27:11 fw01 last message repeated 9 times
> Jan  2 12:27:13 fw01 kernel: NET: 10 messages suppressed.
> 
> I unplug the network cable connected to the eth5 and run a ping to my 
> router...the network is up again...I am able to ping my router.
> 
> Then, I plug the network cable to the eth5 interface again...I run the 
> ping to my router and suddenly I can't ping my router.  The same error 
> messages pops out in the /var/log/syslog file.
> 
> How can I solve this issue?
> 
> Regards,
> ro0ot
> 
> 
> _______________________________________________
> Bridge mailing list
> Bridge at lists.osdl.org
> http://lists.osdl.org/mailman/listinfo/bridge
> 



More information about the Bridge mailing list