Comments on: ARP table overflow in Checkpoint and Linux in general http://yurisk.info/2009/12/15/arp-table-overflow-in-checkpoint-nad-linux-in-general/ Yuri Slobodyanyuk's blog on IT Security and Networking Tue, 31 Jan 2012 16:36:24 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Erik http://yurisk.info/2009/12/15/arp-table-overflow-in-checkpoint-nad-linux-in-general/comment-page-1/#comment-1936 Erik Fri, 07 Oct 2011 14:01:54 +0000 http://yurisk.info/?p=316#comment-1936 On all of our SPLATs there is a line "net.ipv4.ip_forward = 0" which disables routing. So sysctl -p caused some trouble. Maybe it's default in newer versions of SPLAT. I guess routing is reenabled after the load of the fw policy. The best solution for me was adding the 3 lines to /etc/sysctl.conf for when the reboot comes and setting the values temporary via #echo 1024 > /proc/sys/net/ipv4/neigh/default/gc_thresh1 #echo 4096 > /proc/sys/net/ipv4/neigh/default/gc_thresh2 #echo 16384 > /proc/sys/net/ipv4/neigh/default/gc_thresh3 So routing is all ok. On all of our SPLATs there is a line “net.ipv4.ip_forward = 0″ which disables routing. So sysctl -p caused some trouble. Maybe it’s default in newer versions of SPLAT. I guess routing is reenabled after the load of the fw policy.
The best solution for me was adding the 3 lines to /etc/sysctl.conf for when the reboot comes and setting the values temporary via
#echo 1024 > /proc/sys/net/ipv4/neigh/default/gc_thresh1
#echo 4096 > /proc/sys/net/ipv4/neigh/default/gc_thresh2
#echo 16384 > /proc/sys/net/ipv4/neigh/default/gc_thresh3
So routing is all ok.

]]> By: Yuri http://yurisk.info/2009/12/15/arp-table-overflow-in-checkpoint-nad-linux-in-general/comment-page-1/#comment-1151 Yuri Tue, 29 Jun 2010 18:42:34 +0000 http://yurisk.info/?p=316#comment-1151 Thanks Darrin , fixed, Thanks Darrin ,
fixed,

]]> By: Darrin http://yurisk.info/2009/12/15/arp-table-overflow-in-checkpoint-nad-linux-in-general/comment-page-1/#comment-1149 Darrin Tue, 29 Jun 2010 00:17:50 +0000 http://yurisk.info/?p=316#comment-1149 I think your temporary commnads should be: #echo 1024 > /proc/sys/net/ipv4/neigh/default/gc_thresh1 #echo 4096 > /proc/sys/net/ipv4/neigh/default/gc_thresh2 #echo 16384 > /proc/sys/net/ipv4/neigh/default/gc_thresh3 I think your temporary commnads should be:
#echo 1024 > /proc/sys/net/ipv4/neigh/default/gc_thresh1
#echo 4096 > /proc/sys/net/ipv4/neigh/default/gc_thresh2
#echo 16384 > /proc/sys/net/ipv4/neigh/default/gc_thresh3

]]> By: Yuri http://yurisk.info/2009/12/15/arp-table-overflow-in-checkpoint-nad-linux-in-general/comment-page-1/#comment-670 Yuri Fri, 29 Jan 2010 06:18:56 +0000 http://yurisk.info/?p=316#comment-670 Yeah, I wrote it after got additional cases of this so instead of explaining each time i give link and wish them good luck. Cheers. Yuri Yeah, I wrote it after got additional cases of this so instead of explaining each time i give link and wish them good luck.

Cheers.
Yuri

]]> By: David http://yurisk.info/2009/12/15/arp-table-overflow-in-checkpoint-nad-linux-in-general/comment-page-1/#comment-668 David Fri, 29 Jan 2010 00:10:58 +0000 http://yurisk.info/?p=316#comment-668 Nice Post, Though sounds familiar..:) Nice Post, Though sounds familiar..:)

]]>