We had an OES 1 box that was unable to communicate on the network, it was acting like it was recieving a DOS attack but traffic analysis did not indicate this. What we found was a situation where the server was on a network with considerable more hosts then the default ARP cache was able to maintain. The default threshold levels were set too low. We doubled the threshold limits using the information below.
 How to resolve “Neighbour table overflow” problem? |
 |
Â
Gnu/Linux servers (when used extensively as a server) throw the following messages in log file
  kernel: Neighbour table overflow. The solution to the problem is to increase the threshold level for the network devices To check the present threshold level 1 cat /proc/sys/net/ipv4/neigh/default/gc_thresh1 It will give some value as 128 or 256 or 512. This can be increased to the next level.Like if the value is 128 then make the thresh1 value as 256 and thresh2 as 512 and thresh3 as 1024. echo 256 > /proc/sys/net/ipv4/neigh/default/gc_thresh1 echo 512 > /proc/sys/net/ipv4/neigh/default/gc_thresh2 echo 1024 > /proc/sys/net/ipv4/neigh/default/gc_thresh3 This will stop the Error messages that were recieved in the log file |
This was reposted from gnulinuxclub.org
http://www.gnulinuxclub.org/index.php?option=com_content&task=view&id=333&Itemid=49