On 01/09/2012 07:40 PM, Bruno Friedmann wrote:
On a computer here setup years ago, we use the ip pass trough functionality of the router to get all the internet traffic directly on a network card setup with the external ip address. This has been work from years now, and if I restart the 12.1 with the older 11.4 kernel 2.6.37 it works too.
Now what's happen, I get thousand of connection on that interface (dns behind) and the arp cache is full in terms of minutes
I've already apply new values in sysctl.conf to have more time but it not a real working situation
it seems on 3.1 some changes happened in the related code and here it seems to live a patch http://patchwork.ozlabs.org/patch/123208/
a simple ip neigh show | wc -l ARP : 2012-01-09 19:10:39 : 0 ARP : 2012-01-09 19:11:09 : 0 ARP : 2012-01-09 19:11:39 : 42 ARP : 2012-01-09 19:12:09 : 73 ... ARP : 2012-01-09 19:37:09 : 554 ARP : 2012-01-09 19:37:39 : 558 ARP : 2012-01-09 19:38:09 : 562
sysctl.conf
# Patch for neibhboor table # Force gc to clean-up quickly net.ipv4.neigh.default.gc_interval = 3600 # Set ARP cache entry timeout net.ipv4.neigh.default.gc_stale_time = 3600 # Setup DNS threshold for arp net.ipv4.neigh.default.gc_thresh3 = 4096 net.ipv4.neigh.default.gc_thresh2 = 2048 net.ipv4.neigh.default.gc_thresh1 = 1024
if someone can drive me to build correctly under openSUSE 12.1 kernel the patch I can test it and report success or failure.
Thanks
reported as https://bugzilla.novell.com/show_bug.cgi?id=741452 -- Bruno Friedmann Ioda-Net Sàrl www.ioda-net.ch openSUSE Member & Ambassador GPG KEY : D5C9B751C4653227 irc: tigerfoot -- To unsubscribe, e-mail: opensuse-kernel+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-kernel+owner@opensuse.org