[lxc-users] IPv6: Neighbour table overflow
Serge Hallyn
serge.hallyn at ubuntu.com
Tue Feb 18 16:56:04 UTC 2014
Quoting Tamas Papp (tompos at martos.bme.hu):
> hi All,
>
> I spent the whole day with debugging a weird network issue. On our
> network there were packet losses, ping timeout and everything you can image.
> I was sure, there is a loop, or faulty switch, but wasn't able really
> identify the root. Sometime it was better, then the packet losses came
> back after a while (last time after 5 hours...).
>
> Then I looked into syslog on one of servers and I saw many messages like
> this:
>
> [772718.275810] IPv6: Neighbour table overflow
http://cosu.ro/blog/2011/09/26/ipv6-neighbour-table-overflow/ makes it
sound like those are just magic values, and suggests raising them
without looking into why (which I'm not saying I agree with :)
http://www.arcweb.ro/blog/2011/12/13/neighbour-table-overflow-debug-ipv4-and-ipv6/
suggests blaming "occasional big spike of IPv6 ARP requests". Which
could be just an accident... or could be some sort of attack.
...
> The system was running without any glitch for months.
> Any idea?
I'm ashamed to admit I *still* haven't dived into the ipv6
pool. The msgs mean nothing to me. Maybe this rings a bell for
Stéphane?
Anyway if you don't actually use ipv6, then certainly disabling
it seems the safer option. I prefer to disable code I'm not using.
More information about the lxc-users
mailing list