* [Bridge] Neighbour table overflow
@ 2005-01-04 17:39 WL Siew
2005-01-04 20:30 ` Christopher E. Cramer
2005-01-04 21:04 ` Bart De Schuymer
0 siblings, 2 replies; 8+ messages in thread
From: WL Siew @ 2005-01-04 17:39 UTC (permalink / raw)
To: bridge
Hi,
I had successfully set up my bridge (br0), but after a few minutes the br0
interface seems not to be working.
ifconfig eth0 0.0.0.0
ifconfig eth5 0.0.0.0
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth5
brctl stp br0 on
I checked my system's /var/log/syslog file. It shows some strange
messages, as below:
Jan 2 10:44:22 fw01 kernel: ipt_tcpmss_target: bad length (64 bytes)
Jan 2 10:44:32 fw01 last message repeated 11 times
Jan 2 12:27:08 fw01 kernel: Neighbour table overflow.
Jan 2 12:27:11 fw01 last message repeated 9 times
Jan 2 12:27:13 fw01 kernel: NET: 10 messages suppressed.
I unplug the network cable connected to the eth5 and run a ping to my
router...the network is up again...I am able to ping my router.
Then, I plug the network cable to the eth5 interface again...I run the
ping to my router and suddenly I can't ping my router. The same error
messages pop up in the /var/log/syslog file.
How can I solve this issue?
Regards,
ro0ot
* Re: [Bridge] Neighbour table overflow
2005-01-04 17:39 [Bridge] Neighbour table overflow WL Siew
@ 2005-01-04 20:30 ` Christopher E. Cramer
2005-01-04 21:04 ` Bart De Schuymer
1 sibling, 0 replies; 8+ messages in thread
From: Christopher E. Cramer @ 2005-01-04 20:30 UTC (permalink / raw)
To: WL Siew; +Cc: bridge
we've had similar issues on a large scanning machine. nothing like trying
to keep 100,000 entries in your arp cache.
try the following (at least under redhat w/ 2.4 kernels):
echo 100000 > /proc/sys/net/ipv4/neigh/default/gc_thresh3
this will increase the max size of the neighbor table to 100000
-c
--
Christopher E. Cramer, Ph.D.
Information Technology Security Officer
Duke University, Office of Information Technology
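Added example, not part of the original thread: a shell sketch that tallies how many overflow reports the posted syslog excerpt represents (folding in syslogd's "last message repeated N times" lines) and classifies a neighbour-entry count against the gc_thresh2/gc_thresh3 sysctls before anyone raises the limit. The function names and the numbers passed to neigh_state are assumptions; the log lines are the ones posted in this thread.

```shell
#!/bin/sh
# Added example; function names and sample numbers are assumptions.

# Log excerpt as posted in this thread.
sample_log() {
cat <<'EOF'
Jan 2 10:44:22 fw01 kernel: ipt_tcpmss_target: bad length (64 bytes)
Jan 2 10:44:32 fw01 last message repeated 11 times
Jan 2 12:27:08 fw01 kernel: Neighbour table overflow.
Jan 2 12:27:11 fw01 last message repeated 9 times
Jan 2 12:27:13 fw01 kernel: NET: 10 messages suppressed.
Jan 2 12:27:13 fw01 kernel: Neighbour table overflow.
Jan 2 12:27:18 fw01 kernel: NET: 27 messages suppressed.
Jan 2 12:27:18 fw01 kernel: Neighbour table overflow.
EOF
}

# count_overflow: syslog lines on stdin -> "<reported> <suppressed>".
# reported   = overflow lines plus syslogd repeats that directly follow one.
# suppressed = sum of "NET: N messages suppressed." (kernel rate limiter;
#              may cover other network messages, so it is kept separate).
count_overflow() {
    awk '
    /kernel: Neighbour table overflow/ { reported++; last = 1; next }
    /last message repeated [0-9]+ times/ {
        if (last) {
            n = $0; sub(/.*repeated /, "", n); sub(/ times.*/, "", n)
            reported += n
        }
        next
    }
    /NET: [0-9]+ messages suppressed/ {
        n = $0; sub(/.*NET: /, "", n); sub(/ messages.*/, "", n)
        suppressed += n; last = 0; next
    }
    { last = 0 }
    END { printf "%d %d\n", reported, suppressed }'
}

# neigh_state COUNT THRESH2 THRESH3: gc_thresh3 is the hard maximum,
# gc_thresh2 the soft limit above which garbage collection gets aggressive.
neigh_state() {
    if   [ "$1" -ge "$3" ]; then echo "hard-limit"
    elif [ "$1" -ge "$2" ]; then echo "soft-limit"
    else echo "ok"; fi
}

# live_state: same check with values read from a Linux host (IPv4 table).
# /proc/net/arp has one header line; its row count approximates the table.
live_state() {
    d=/proc/sys/net/ipv4/neigh/default
    count=$(( $(wc -l < /proc/net/arp) - 1 ))
    neigh_state "$count" "$(cat "$d/gc_thresh2")" "$(cat "$d/gc_thresh3")"
}

echo "overflow reported/suppressed: $(sample_log | count_overflow)"
echo "1024 entries vs 512/1024: $(neigh_state 1024 512 1024)"
if [ -r /proc/net/arp ] && [ -r /proc/sys/net/ipv4/neigh/default/gc_thresh3 ]; then
    echo "this host: $(live_state)"
fi
```

A table that sits at the hard limit on a small network points to something filling it (scanning, a loop, misrouted on-link traffic), which raising gc_thresh3 alone hides rather than fixes.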
* Re: [Bridge] Neighbour table overflow
2005-01-04 17:39 [Bridge] Neighbour table overflow WL Siew
2005-01-04 20:30 ` Christopher E. Cramer
@ 2005-01-04 21:04 ` Bart De Schuymer
2005-01-05 0:40 ` ro0ot
1 sibling, 1 reply; 8+ messages in thread
From: Bart De Schuymer @ 2005-01-04 21:04 UTC (permalink / raw)
To: WL Siew; +Cc: bridge
On Wed, 05-01-2005 at 01:39 +0800, WL Siew wrote:
> Hi,
>
> I had successfully setup my bridge (br0) but after few minutes the br0
> interface seems not working.
>
> ifconfig eth0 0.0.0.0
> ifconfig eth5 0.0.0.0
>
> brctl addbr br0
>
> brctl addif br0 eth0
> brctl addif br0 eth5
>
> brctl stp br0 on
From the information you give, it seems that you assigned the IP address
0.0.0.0 to your bridge ports and you didn't start the bridge itself.
Your box therefore has no IP address and will therefore not respond to
ICMP messages.
Try
# ifconfig br0 $IP_ADDRESS
A ping to $IP_ADDRESS from another host should then work (after you
start the bridge it can take a few seconds before the bridge responds).
> I check on my system's /var/log/syslog file. It shows something strange
> messages as below: -
>
> Jan 2 10:44:22 fw01 kernel: ipt_tcpmss_target: bad length (64 bytes)
> Jan 2 10:44:32 fw01 last message repeated 11 times
> Jan 2 12:27:08 fw01 kernel: Neighbour table overflow.
> Jan 2 12:27:11 fw01 last message repeated 9 times
> Jan 2 12:27:13 fw01 kernel: NET: 10 messages suppressed.
Perhaps these are triggered by the fact that your network devices enter
promiscuous mode.
> I unplug the network cable connected to the eth5 and run a ping to my
> router...the network is up again...I am able to ping my router.
I'm assuming you are talking about the bridge box when you are talking
about the router? The bridge ports of a bridge are by default not
separately pingable. Only the IP address of the bridge (br0) device
itself is pingable.
You can change that behaviour by making a brouter. You can then assign
IP addresses to the bridge ports and use them.
cheers,
Bart
* Re: [Bridge] Neighbour table overflow
2005-01-04 21:04 ` Bart De Schuymer
@ 2005-01-05 0:40 ` ro0ot
2005-01-05 14:10 ` ro0ot
0 siblings, 1 reply; 8+ messages in thread
From: ro0ot @ 2005-01-05 0:40 UTC (permalink / raw)
To: bridge
I had this line for the br0 IP address: -
ifconfig br0 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255
Regards,
ro0ot
* Re: [Bridge] Neighbour table overflow
2005-01-05 0:40 ` ro0ot
@ 2005-01-05 14:10 ` ro0ot
2005-01-06 21:56 ` Stephen Hemminger
0 siblings, 1 reply; 8+ messages in thread
From: ro0ot @ 2005-01-05 14:10 UTC (permalink / raw)
To: bridge
Based on the result of the command "brctl showstp br0" below, what does
the "designated bridge" mean?
Something strange on this line "designated bridge
8000.000e6ae78720", this is because this is the MAC address of my 3Com
4400 switch which I have VLAN running and bridge too...
Will this cause the problem?
root@fw01:~# brctl showstp br0
br0
 bridge id              8000.000c4120c1a6
 designated root        8000.000bac2851c0
 root port                 2                    path cost                136
 max age                  20.00                 bridge max age            20.00
 hello time                2.00                 bridge hello time          2.00
 forward delay            15.00                 bridge forward delay      15.00
 ageing time             300.00
 hello timer               0.00                 tcn timer                  0.00
 topology change timer     0.00                 gc timer                   0.90
 flags

eth0 (1)
 port id                8001                    state                forwarding
 designated root        8000.000bac2851c0       path cost                100
 designated bridge      8000.000c4120c1a6       message age timer          0.00
 designated port        8001                    forward delay timer        0.00
 designated cost         136                    hold timer                 0.00
 flags

eth5 (2)
 port id                8002                    state                forwarding
 designated root        8000.000bac2851c0       path cost                100
 designated bridge      8000.000e6ae78720       message age timer          3.08
 designated port        800d                    forward delay timer        0.00
 designated cost          36                    hold timer                 0.00
 flags
* Re: [Bridge] Neighbour table overflow
2005-01-05 14:10 ` ro0ot
@ 2005-01-06 21:56 ` Stephen Hemminger
0 siblings, 0 replies; 8+ messages in thread
From: Stephen Hemminger @ 2005-01-06 21:56 UTC (permalink / raw)
To: ro0ot; +Cc: bridge
On Wed, 05 Jan 2005 22:10:48 +0800
ro0ot <ro0ot@phreaker.net> wrote:
> Based on the result of the command "brctl showstp br0" below, what is
> the "designated bridge" means?
It means the next step up the hierarchical spanning tree
from this bridge, i.e. where to send frames that aren't in the
bridge forwarding table.
>
> Something strange on this line "designated bridge
> 8000.000e6ae78720", this is because this is the MAC address of my 3Com
> 4400 switch which I have VLAN running and bridge too...
Many switches use the same spanning tree protocol because they are
really just bridges. The issue is they assume that any other bridge
also sees all the traffic (and is not just on the VLAN).
You could try turning off STP but it might not help.
* [Bridge] Neighbour table overflow.
@ 2005-01-04 17:50 ro0ot
2005-01-04 18:26 ` Stephen Hemminger
0 siblings, 1 reply; 8+ messages in thread
From: ro0ot @ 2005-01-04 17:50 UTC (permalink / raw)
To: bridge
Hi,
I had set up my bridge (br0) as below:
ifconfig eth0 0.0.0.0
ifconfig eth5 0.0.0.0
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth5
brctl stp br0 on
Once I connect both interfaces (eth0 and eth5) to my network, I
can't ping my router (connected to eth0) or my other IP
addresses (connected to eth5). I checked around and found some messages
popping up in the /var/log/syslog file, as below:
Jan 2 10:44:22 fw01 kernel: ipt_tcpmss_target: bad length (64 bytes)
Jan 2 10:44:32 fw01 last message repeated 11 times
Jan 2 12:27:08 fw01 kernel: Neighbour table overflow.
Jan 2 12:27:11 fw01 last message repeated 9 times
Jan 2 12:27:13 fw01 kernel: NET: 10 messages suppressed.
Jan 2 12:27:13 fw01 kernel: Neighbour table overflow.
Jan 2 12:27:18 fw01 kernel: NET: 27 messages suppressed.
Jan 2 12:27:18 fw01 kernel: Neighbour table overflow.
Once I disconnect the cable from the eth5 interface, I can ping my
router. I try to reconnect the cable to the eth5 interface and run
a ping to my router. As a result, I can't ping the router and
similar messages pop up in the /var/log/syslog file.
How can I resolve this issue?
Regards,
ro0ot
* Re: [Bridge] Neighbour table overflow.
2005-01-04 17:50 ro0ot
@ 2005-01-04 18:26 ` Stephen Hemminger
0 siblings, 0 replies; 8+ messages in thread
From: Stephen Hemminger @ 2005-01-04 18:26 UTC (permalink / raw)
To: ro0ot; +Cc: bridge
On Wed, 05 Jan 2005 01:50:32 +0800
ro0ot <ro0ot@phreaker.net> wrote:
> Hi,
>
> I had setup my bridge (br0) as below: -
>
> ifconfig eth0 0.0.0.0
> ifconfig eth5 0.0.0.0
>
> brctl addbr br0
>
> brctl addif br0 eth0
> brctl addif br0 eth5
>
> brctl stp br0 on
>
> Once I connect both the interface (eth0 and eth5) to my network. I
> can't ping to my router (connect to eth0) or ping to my other IP
> addresses (connect to eth5). I check around and found out some messages
> pops up in /var/log/syslog file as below: -
>
> Jan 2 10:44:22 fw01 kernel: ipt_tcpmss_target: bad length (64 bytes)
> Jan 2 10:44:32 fw01 last message repeated 11 times
> Jan 2 12:27:08 fw01 kernel: Neighbour table overflow.
> Jan 2 12:27:11 fw01 last message repeated 9 times
> Jan 2 12:27:13 fw01 kernel: NET: 10 messages suppressed.
> Jan 2 12:27:13 fw01 kernel: Neighbour table overflow.
> Jan 2 12:27:18 fw01 kernel: NET: 27 messages suppressed.
> Jan 2 12:27:18 fw01 kernel: Neighbour table overflow.
>
> Once I disconnect the cable from the eth5 interface, I can ping to my
> router. I try to reconnect the cable back to the eth5 interface and run
> a ping to my router. As the result, I can't ping the router and the
> similar messages pops up in the /var/log/syslog file.
>
> How can I resolve this issue?
>
>
It is an iptables/ebtables issue, you should check with
netfilter-user@lists.netfilter.org or ebtables-user@lists.sourceforge.net