Neighbour table overflow on Linux hosts related to bridging and ipv6

I believe your problem is because of a kernel bug that was patched in net-next.

Multicast snooping gets disabled when the bridge is initialized because of a bug trying to rehash the table. IGMP snooping stops the bridge from forwarding every HBH ICMPv6 multicast query reply, which results in the neighbour table filling up with ff02:: neighbours from multicast replies which it should not see (try ip -6 neigh show nud all).

The proper workaround is to attempt to re-enable snooping like: echo 1 > /sys/class/net/eth0/bridge/multicast_snooping. The alternative is to make the neighbour table gc thresholds bigger than the number of hosts in the broadcast domain.

The patch is here.
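A small diagnostic for the symptom described in this answer, added here as an example and not part of the original post: it counts how many IPv6 neighbour entries fall in ff02::/16 (the multicast entries the table should not contain) and compares the total with the ipv6 gc_thresh values. The bridge name br0 and the sample table dump are assumptions.

```shell
#!/bin/sh
# Added diagnostic, not from the original answer. Measures how much of the IPv6
# neighbour table is ff02:: (link-local multicast) entries and compares the total
# with the ipv6 gc_thresh limits. Bridge name (br0) and SAMPLE are assumptions.

# Constructed sample of `ip -6 neigh show nud all` output, used for a dry run.
SAMPLE='ff02::1 dev br0 lladdr 33:33:00:00:00:01 NOARP
ff02::2 dev br0 lladdr 33:33:00:00:00:02 NOARP
fe80::1 dev br0 lladdr 52:54:00:12:34:56 REACHABLE
ff02::16 dev br0 lladdr 33:33:00:00:00:16 NOARP
2001:db8::5 dev br0 lladdr 52:54:00:ab:cd:ef STALE'

# Number of entries whose destination is in ff02::/16 (multicast leak indicator).
count_ff02_neigh() {
    printf '%s\n' "$1" | awk 'tolower($1) ~ /^ff02:/ { n++ } END { print n + 0 }'
}

# Total number of neighbour entries in the dump.
count_all_neigh() {
    printf '%s\n' "$1" | awk 'NF { n++ } END { print n + 0 }'
}

# Classify occupancy against gc_thresh1/gc_thresh3 (kernel defaults 128/1024):
# ok = below thresh1 (no GC), pressure = GC active, over = at/above the hard
# limit, which is where "Neighbour table overflow" messages start.
neigh_pressure() {
    if [ "$1" -ge "$3" ]; then echo over
    elif [ "$1" -ge "$2" ]; then echo pressure
    else echo ok
    fi
}

# Live check on this host; $1 is the bridge device (assumed br0).
live_check() {
    br=${1:-br0}
    dump=$(ip -6 neigh show nud all)
    all=$(count_all_neigh "$dump"); mc=$(count_ff02_neigh "$dump")
    t1=$(cat /proc/sys/net/ipv6/neigh/default/gc_thresh1)
    t3=$(cat /proc/sys/net/ipv6/neigh/default/gc_thresh3)
    echo "ipv6 neigh entries: $all ($mc in ff02::/16), gc_thresh1=$t1 gc_thresh3=$t3"
    echo "state: $(neigh_pressure "$all" "$t1" "$t3")"
    echo "multicast_snooping on $br: $(cat /sys/class/net/"$br"/bridge/multicast_snooping 2>/dev/null || echo 'n/a (not a bridge?)')"
}

# `sh neigh-check.sh --live br0` checks the real host; otherwise dry-run SAMPLE.
case "${1:-}" in
    --live) live_check "${2:-}" ;;
    *) echo "sample: $(count_all_neigh "$SAMPLE") entries, $(count_ff02_neigh "$SAMPLE") in ff02::/16" ;;
esac
```

A table that sits near gc_thresh3 while most entries are ff02:: points at the snooping problem rather than at a genuinely large broadcast domain.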


What's the return of ip route show cache table all when you're experiencing this error?

arp -n or ip neigh show will only show some of the entries in the cache.

ip route show cache table all will be much more detailed (and will include a lot of v6 related entries).

We tried the obvious tweaks and raised the /proc/sys/net/ipv4/neigh/default/gc_thresh*

Did you do the same for IPv6? That solved the problem for us.

Bye,

-- creis