Peter, I have encountered this problem when (for example) scanning the local network; possibly it could also indicate an intruder doing some port scanning. I did some googling which showed that the neighbour table is used by the kernel to contain ARP addresses, though I didn't manage to find out exactly what the consequences are when it fills up. Anyway you can increase its size which makes it less likely to fill up. I put the following lines in /etc/init.d/boot.local # Double the size of the ARP cache area to avoid "Neighbour table overflow" # messages (defaults are 128, 512, 1024). echo 256 > /proc/sys/net/ipv4/neigh/default/gc_thresh1 echo 1024 > /proc/sys/net/ipv4/neigh/default/gc_thresh2 echo 2048 > /proc/sys/net/ipv4/neigh/default/gc_thresh3 Bob On Tue, 23 Mar 2004, Peter Nixon wrote:
Does anyone have any idea as to the following?
Mar 23 02:02:58 firewall kernel: Neighbour table overflow. Mar 23 02:02:58 firewall kernel: MASQUERADE: No route: Rusty's brain broke! Mar 23 02:03:03 firewall kernel: NET: 6 messages suppressed.
============================================================== Bob Vickers R.Vickers@cs.rhul.ac.uk Dept of Computer Science, Royal Holloway, University of London WWW: http://www.cs.rhul.ac.uk/home/bobv Phone: +44 1784 443691