Stonesoft News
(1 votes, average: 4.00 out of 5)
Loading ...The arp cache timeout resides in
/proc/sys/net/ipv4/neigh/[DEV]/gc_stale_time
and the default value is 60 seconds.
The arp cache entries can be listed with ‘ip neighbor‘ command.
(2 votes, average: 5.00 out of 5) Loading ...“Neighbour table overflow” message comes from linux kernel and means that ARP cache overflows. This may happen if there are a lot of directly connected hosts behind firewall’s interface.
It is possible to increase the size of engine’s ARP cache by changing values of
/proc/sys/net/ipv4/neigh/default/gc_thresh3 (The hard maximum number of entries to keep in the ARP cache. Defaults to 1024.) and
/proc/sys/net/ipv4/neigh/default/gc_thresh2 (The soft maximum number of entries to keep in the ARP cache. Defaults to 512.)
The changes should be made to /data/run-at-boot (remember Firewall state transitions) file in order for changes to survive boot. The run-at-boot file must be created with execute permission for root.
Add the following lines to /data/run-at-boot file in all of the engines of the cluster:
#!/bin/sh
echo 8192 >/proc/sys/net/ipv4/neigh/default/gc_thresh3
echo 4096 >/proc/sys/net/ipv4/neigh/default/gc_thresh2
The change activates after boot or by executing the run-at-boot script. The change should be activated as simultaneously as possible in all the nodes of the cluster, so that the functioning of the nodes in the cluster would be same all the time.
Recent Comments