Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Nickel

R80.20 T5 ARP table critical issue

I have a customer install R80.20 T5 with HPE Gen10 server, recently customer report that user randomly cannot connect to network, after research that I found 3.1 kernel not perform a well arp garbage recycling.

All incomplete arp record were kept in arp table cause new arp entry cannot insert.

I reprocedure this issue on my lab, the gateway only install, set nothing and not intialize, just ping and issue occure (at lease 1 mintues arp incomplete exist)

I had raise a TAC case, any good news will update here.

(view in My Videos)

0 Kudos
5 Replies
Highlighted

Re: R80.20 T5 ARP table critical issue

The arp driver will most certainly have been updated for kernel version 3.10; this ARP overflow issue is covered in my book so I'm definitely interested in any behavior changes here.  Can you please provide output from the following commands on the 3.10 system with the problem:

ls -l /proc/sys/net/ipv4/neigh/default

cat /proc/sys/net/ipv4/neigh/default/*

 

Book "Max Power 2020: Check Point Firewall Performance Optimization" Third Edition
Now Available at www.maxpowerfirewalls.com
0 Kudos
Highlighted
Nickel

Re: R80.20 T5 ARP table critical issue

 

2019-03-28_093700.png2019-03-28_093712.pngThe setting are all default withou change manually

0 Kudos
Highlighted
Nickel

Re: R80.20 T5 ARP table critical issue

S__9363467.jpgThe is capture from customer, befroe I change arp table cache size from 4096 to 16384, there is a lot of log in /var/log/message show below, few seconds a time.

net_ratelimit: N callbacks suppressed

0 Kudos
Highlighted
Nickel

Re: R80.20 T5 ARP table critical issue

2019-03-28_094242.pngI try to use some linux command to delete the arp entry, but it still stay in incomplete state.

I think when delete arp entry is set the record to incomplete state and waiting for remove, it's should be the mechanism of arp recycling.

Highlighted
Nickel

Re: R80.20 T5 ARP table critical issue

I do the lab tonight, T11 (kernel 3.1) also have the same arp issue, but T101 (kernel 2.6) won't.