From: Roberto Nibali <ratz@tac.ch>
To: Ard van Breemen <ard@telegraafnet.nl>
Cc: netfilter@lists.netfilter.org
Subject: Re: Neighbour table overflow
Date: Thu, 28 Nov 2002 17:40:12 +0100 [thread overview]
Message-ID: <3DE646EC.60503@tac.ch> (raw)
In-Reply-To: 20021126183823.GD31207@telegraafnet.nl
> (From this point on I am just guessing and trying to understand
> the source code:)
> If I am correct, it will mark entries to be freed, so that they
> wont be used anymore. So to be able to use a specific destination
> again, it needs to make a new entry in the neighbour table. So
> instead of cleaning up the tables, your neighbour (arp) table
> will be filled fast if you see more new source ip's than that old
> neighbour entries are discarded by having their usage counts down
> to 0.
If you haven't already, please take a look at net/core/neighbour.c:neigh_alloc()
unsigned long now = jiffies;
if (tbl->entries > tbl->gc_thresh3 ||
(tbl->entries > tbl->gc_thresh2 &&
now - tbl->last_flush > 5*HZ)) {
if (neigh_forced_gc(tbl) == 0 &&
tbl->entries > tbl->gc_thresh3)
return NULL;
}
It's pretty straightforward and should give you everything you need.
> If somebody else knows the true truth about how it exactly works,
> please tell me. I will make notes of it for the lartc so it can
> be a FAQ.
I might write some documents about this because I recently had
someone on the LVS project with the same problems. However, if someone
from the LARTC guys writes it before I do, I won't be disappointed either.
Cheers,
Roberto Nibali, ratz
--
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc
next prev parent reply other threads:[~2002-11-28 16:40 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-11-26 10:00 more than 1 source ip Wasim Bashir
2002-11-26 10:18 ` Unknown, Raymond Leach
2002-11-26 10:53 ` Erdal Mutlu
2002-11-26 11:04 ` Erdal Mutlu
2002-11-26 14:40 ` Ben Russo
2002-11-26 18:39 ` Neighbour table overflow g_netfilter
2002-11-26 18:38 ` Ard van Breemen
2002-11-28 16:40 ` Roberto Nibali [this message]
2002-11-27 4:08 ` Arnt Karlsen
2002-11-26 22:49 ` more than 1 source ip Stewart Thompson
-- strict thread matches above, loose matches on Subject: below --
2005-03-23 14:08 Neighbour table overflow Sebastiao Antonio Campos (GWA)
2005-03-23 14:23 ` Jason Opperisano
2005-01-05 0:42 ro0ot
2005-01-05 2:25 ` Jason Opperisano
2004-10-28 2:25 John Pearson
2004-10-26 17:39 Dominik Karall
2004-10-26 21:23 ` Chris Wedgwood
2004-10-26 22:10 ` Dominik Karall
2004-10-26 21:52 ` Ernst Herzberg
2004-10-26 22:11 ` Dominik Karall
2004-10-26 23:06 ` David S. Miller
2004-10-26 23:58 ` Wichert Akkerman
2004-10-27 0:30 ` Dominik Karall
2001-01-22 14:38 Daniel Furse
2001-01-22 15:22 ` Wolfgang Denk
2001-01-22 11:33 Daniel Furse
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3DE646EC.60503@tac.ch \
--to=ratz@tac.ch \
--cc=ard@telegraafnet.nl \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.