| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 4 May 2007 05:48:18 +0200 From: "Øyvind Vågen Jægtnes" <lorrides@...il.com> To: "Willy Tarreau" <w@....eu> Cc: linux-kernel@...r.kernel.org Subject: Re: Routing 600+ vlan's via linux problems (looks like arp problems) Hi again :) On 5/4/07, Willy Tarreau <w@....eu> wrote: > On Thu, May 03, 2007 at 11:12:09PM +0200, Øyvind Vågen Jægtnes wrote: > > On 5/3/07, Jan Engelhardt <jengelh@...ux01.gwdg.de> wrote: > > > > > >On May 3 2007 22:53, Willy Tarreau wrote: > > >>> For the rest all we see in the arp cache is (incomplete) > > >> > > >>I suspect that your arp cache is full (128 entries by default). > > >>Check /proc/sys/net/ipv4/neigh/gc_thresh1 (128 for me). You can > > >>set it as high as gc_thresh2 (512 for me), and I don't know what > > >>happens above. > > > > > >Above, you will perhaps need the not-so-elegant userspace arpd :-/ > > > > Yes, i was suspecting that the arp cache got full, but i will try > > increasing it :) > > Would there be any huge bugs if i change these lines in arp.c: > > > > .gc_thresh1 = 128, > > .gc_thresh2 = 512, > > > > to > > > > .gc_thresh1 = 700, > > .gc_thresh2 = 700, > > > > under the definition for struct arp_tbl? > > I don't think it could cause a problem, but network people will surely > correct me if I'm wrong. System is up and running perfectly now, it is routing everything at about 200 mbps now with only 5% load avg with the above changes to arp.c So the real question now is, why is this number so low by default? It would probably be much better if this could be handled dynamically in the kernel. > > This setup will only run for about 1-2 hours while we fix the hardware > > router (it is running now, but only on a backup flash card solution. > > the harddrive in it died ;) > > Huhhh! Please tell us exactly what make and model of ROUTER you are using > which embeds a HARD DRIVE, so that we recall never to buy that ! Having > seen uptimes of 5 years on moderately big access routers, I would have > find it awful to see them die multiple times in that timeframe because > of a crappy IDE drive inside ! Its a Juniper M7i It comes default with a 5400 rpm laptop 2.5" harddrive but now we bought a more robust "server" 2.5" harddrive. It still barfs on the OS install, so the linux is doing all the job now. Will get a juniper guy to come and fix :) As a side note, i'm starting to wonder if it was worth the $20k when i could just have a linux machine to do the job with a clone for backup ;) regards Øyvind Vågen Jægtnes +47 96 22 03 08 lorrides@...il.com - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists