[LARTC] neighbor table overflow

Marco C. Coelho maillist1 at argontech.net
Tue Oct 23 23:27:47 CEST 2007 

Is there a way to probe the kernel to find out how big the neighbor 
table is on a regular basis?  Without making a smoking hole of course.

BTW, Traffic shaping is also controlled via Radius.




Grant Taylor wrote:
> On 10/23/07 16:10, Marco C. Coelho wrote:
>> This box is doing a lot.  It terminates 1000 PPPoE connections, 
>> provides traffic shaping using TC/HTB, authenticates all users via 
>> Radius.  It also runs OSPF routing for the internal network.  Looking 
>> at a simple route output I see all the PPP connections coming through 
>> the box, and due to the OSPF I also see the rest of my network 
>> announcements.  The only strange things are:
>
> That's just a few things to do on one box.  How well is it handling it 
> if I can ask (aside from the problem that you are working on)?

It's actually pretty happy on a single processor, single core AMD 3000 
with 1.5 G of RAM (it was not happy with 512K!!!).   I've actually got a 
new Dual Core, Dual Processor box loaded and ready to place in 
production, but would like to fix this problem first.  Unfortunately it 
takes between a week and a month for the problem to surface.

model name      : AMD Athlon(tm) 64 Processor 3000+
stepping        : 0
cpu MHz         : 2000.000
cache size      : 512 KB

             total       used       free     shared    buffers     cached
Mem:       1554796    1044324     510472          0     221180     430860
-/+ buffers/cache:     392284    1162512
Swap:      4096496        148    4096348

ping times through this box:

64 bytes from f1.www.vip.mud.yahoo.com (209.191.93.52): icmp_seq=1 
ttl=58 time=7.74 ms
64 bytes from f1.www.vip.mud.yahoo.com (209.191.93.52): icmp_seq=2 
ttl=58 time=8.25 ms
64 bytes from f1.www.vip.mud.yahoo.com (209.191.93.52): icmp_seq=3 
ttl=58 time=8.36 ms
64 bytes from f1.www.vip.mud.yahoo.com (209.191.93.52): icmp_seq=4 
ttl=58 time=11.9 ms
64 bytes from f1.www.vip.mud.yahoo.com (209.191.93.52): icmp_seq=5 
ttl=58 time=8.39 ms


>
>> 1.  The last man working on this box had mistakenly edited the hosts 
>> file and added the machine name and complete domain name to the local 
>> host 127.0.0.1 name.  It should only be pointed to the eth0 
>> interface.   I have changed this.
>
> Dough!
>
>> 2.  The route output is making an announcement
>>
>>    64.0.0.0        argontech.net   255.0.0.0       UG    20     
>> 0        0 eth0
>>
>> My public IP space is a /20 within that space, not the whole Class 
>> A.  I have not found which box is announcing this within my network yet.
>
> I would think that you could extract that information from OSPF, or at 
> least the system that is advertising and work backwards until you find 
> the ultimate culprit.

I'm working on it, but time is slim today (but not me)!

>
>
>
> Grant. . . .
> _______________________________________________
> LARTC mailing list
> LARTC at mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>

More information about the LARTC mailing list