Re: [fw-wiz] Linux ARPD -- neighbor table overflow

From: Paul D. Robertson (paul_at_compuwar.net)
Date: 03/19/04

    To: Jeff Adam <jadam@seark.edu>
    Date: Thu, 18 Mar 2004 21:27:22 -0500 (EST)
    
    

    On Thu, 18 Mar 2004, Jeff Adam wrote:

    > I have run into a problem recently with arp table size limitation in the
    > Linux kernel.
    >
    >
    >
    > A bit of History
    >
    > I have been using the same box as a firewall for the past couple of years,
    > and it has performed flawlessly (Linux 2.4 / iptables), but every couple of
    > months the number of nodes on the LAN increases by 20 to 60, usually on
    > the high end of that range. We are already beyond 500 computers,
    > approaching 600, with plans to add 40 to 60 additional computers already
    > being discussed. We have recently developed a problem with neighbor
    > table overflows on the firewall during peak hours.
    >
    >
    >
    > I believe I have the problem repaired: I recompiled the kernel with arpd
    > support and netlink, installed arpd, and made some changes in /proc.
    >
    > Some other issues developed with arpd that were unexpected.
    >
    >
    > The problem is that all of the documentation I found on arpd was rather dated,
    > including one piece written in 2001 that claimed the package (arpd) was far
    > beyond abandoned by the upstream maintainer. I'm sure networks with more
    > than 256 nodes are not that uncommon. My question is: what experiences
    > have other readers of the list had with this issue, and what other
    > solutions are there besides arpd for this issue?
    >
    [I don't know what the binary stuff was at the bottom of your message;
    that's what was forcing it to base-64. Please fix it before responding.]

    Have you seen:

    http://www.spinics.net/lists/kernel/msg251771.html

    Paul
    -----------------------------------------------------------------------------
    Paul D. Robertson "My statements in this message are personal opinions
    paul@compuwar.net which may have no basis whatsoever in fact."
    probertson@trusecure.com Director of Risk Assessment TruSecure Corporation
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
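The "changes in /proc" the original poster mentions are, on a 2.4 or later kernel, the neighbour-cache garbage-collection thresholds under /proc/sys/net/ipv4/neigh/default/ (gc_thresh1, gc_thresh2 and gc_thresh3, with kernel defaults of 128, 512 and 1024 entries). The kernel logs "neighbour table overflow" once the cache would exceed gc_thresh3, which a flat LAN of 500 to 600 hosts can reach at peak without any arpd involvement. The script below is an added example, not code from either poster or from the list: it counts resolved entries from a constructed sample of `ip -4 neigh show` output, derives thresholds for an expected host count using a sizing heuristic that is my own assumption (next power of two above the host count, doubled, keeping the kernel's thresh1 < thresh2 < thresh3 ordering), and checks how much headroom remains before the hard limit. Only the `apply` function touches the real sysctl files, and it does nothing unless they are writable.

```shell
#!/bin/sh
# Added example (not from the thread): size the Linux neighbour (ARP) cache
# for a large flat LAN. The relevant sysctls (real kernel keys) are:
#   /proc/sys/net/ipv4/neigh/default/gc_thresh1  soft floor: no GC below it (default 128)
#   /proc/sys/net/ipv4/neigh/default/gc_thresh2  soft ceiling: GC soon after (default 512)
#   /proc/sys/net/ipv4/neigh/default/gc_thresh3  hard ceiling: "neighbour table overflow" (default 1024)

# Constructed sample of `ip -4 neigh show` output so the script runs offline.
# Entries without an lladdr (FAILED/INCOMPLETE) are unresolved and not counted.
SAMPLE_NEIGH='10.1.0.2 dev eth0 lladdr 00:11:22:33:44:02 REACHABLE
10.1.0.3 dev eth0 lladdr 00:11:22:33:44:03 STALE
10.1.0.4 dev eth0  FAILED
10.1.0.5 dev eth0 lladdr 00:11:22:33:44:05 DELAY
10.1.1.9 dev eth1 lladdr 00:11:22:33:44:09 REACHABLE'

# count_neigh: number of resolved neighbour entries read from stdin.
# awk is used instead of grep -c so an empty input yields "0" with exit 0.
count_neigh() {
    awk '/ lladdr /{n++} END{print n+0}'
}

# next_pow2: smallest power of two >= $1
next_pow2() {
    p=1
    while [ "$p" -lt "$1" ]; do p=$((p * 2)); done
    echo "$p"
}

# recommend: print "gc_thresh1 gc_thresh2 gc_thresh3" for an expected host count.
# Heuristic (my assumption, not from the thread): gc_thresh3 is twice the next
# power of two above the host count, leaving room for peak-hour growth and for
# stale entries awaiting GC; thresh2 is half of that and thresh1 a quarter.
recommend() {
    base=$(next_pow2 "$1")
    echo "$((base / 2)) $base $((base * 2))"
}

# headroom: succeed (exit 0) when the entry count is below 80% of gc_thresh3,
# fail (exit 1) when the cache is close enough to the hard limit to overflow.
headroom() {
    [ $(($1 * 100)) -lt $(($2 * 80)) ]
}

# apply: write thresholds via /proc (needs root). Skips silently when the keys
# are absent or read-only, so the script is harmless on a non-Linux host.
apply() {
    d=/proc/sys/net/ipv4/neigh/default
    [ -w "$d/gc_thresh3" ] || { echo "skip: $d not writable" >&2; return 0; }
    echo "$1" > "$d/gc_thresh1"
    echo "$2" > "$d/gc_thresh2"
    echo "$3" > "$d/gc_thresh3"
}

# Demo on the constructed sample against the 1024-entry default.
n=$(printf '%s\n' "$SAMPLE_NEIGH" | count_neigh)
echo "resolved neighbours in sample: $n"
echo "recommended thresholds for 600 hosts: $(recommend 600)"
if headroom "$n" 1024; then echo "headroom OK"; else echo "near overflow"; fi
```

On the real firewall, replace the sample with `ip -4 neigh show | count_neigh` (or `cat /proc/net/arp` on a 2.4 box without iproute2) and watch the count during peak hours; if it sits near gc_thresh3, raise the three thresholds with `apply $(recommend 700)` and make the change persistent in /etc/sysctl.conf. Raising the thresholds costs only a little kernel memory per entry and removes the overflow without arpd.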

