On Tue, 1 Jun 2004, Sriram K wrote:
- >This is because the arp table in your machine is overflowing.
- This never happens. A timeout is normally provided for entries
- in the ARP cache. Normally we hav a timeout of 20 minutes for a
- completed entry and 3 minutes for an incomplete entry. Also, the 20 min
- timeout will get restarted for an entry each time it gets used up. So
- whenever a new Internet add to mac address mapping happens, then, this
- new entry will replace the oldest entry present there in the arp cache.
- So I assure u, that the arp table never overflows.
Exactly. When you get 2000+ new entries per second and have a 20 minute
timeout, just see what will happen. All legit entries are old entries! And
it does overflow, and old entries are flushed.
- Ok, how does neighbour table relates to arp tables ?
I thought neighbour tables == arp tables? Not so? From what I read I think
they are the same. I might be totally wrong... so correct me .. :)
- In ur network (which u specified in ur previous mail), try arp -a and verify
the entries.
This behaviour is rampant in the IITM campus backbone. Frequent outages
because of this specific problem.
Quoting from one of the links posted previously,
-------
Normally, the kernel maintains an internal cache which maps IP
addresses to hardware addresses on the local network, so that
Ethernet/Token Ring/ etc. frames are sent to the proper address on the
physical networking layer. For small networks having a few hundred
directly connected hosts or less, keeping this address resolution (ARP)
cache inside the kernel works well. However, maintaining an internal ARP
cache does not work well for very large switched networks, and will use a
lot of kernel memory if TCP/IP connections are made to many machines on
the network.
If you say Y here, the kernel's internal ARP cache will never grow to
more than 256 entries (the oldest entries are expired in a LIFO manner)
and communication will be attempted with the user space ARP daemon arpd.
Arpd then answers the address resolution request either from its own cache
or by asking the net.
----------
