OpenWrt带机量过高引起ARP缓存溢出问题
OpenWrt带机量过高引起ARP缓存溢出问题
突然上不了网了 人傻了
日常查看内核日志dmesg:
[ 5352.346674] net_ratelimit: 1870 callbacks suppressed
[ 5352.346681] neighbour: arp_cache: neighbor table overflow!
[ 5352.347995] neighbour: arp_cache: neighbor table overflow!
[ 5352.348690] neighbour: arp_cache: neighbor table overflow!
[ 5352.348922] neighbour: arp_cache: neighbor table overflow!
[ 5352.349371] neighbour: arp_cache: neighbor table overflow!
[ 5352.350341] neighbour: arp_cache: neighbor table overflow!
[ 5352.351033] neighbour: arp_cache: neighbor table overflow!
[ 5352.351733] neighbour: arp_cache: neighbor table overflow!
[ 5352.352422] neighbour: arp_cache: neighbor table overflow!
[ 5352.353103] neighbour: arp_cache: neighbor table overflow!
[ 5382.685484] net_ratelimit: 2982 callbacks suppressed
[ 5382.685491] neighbour: arp_cache: neighbor table overflow!
[ 5382.686173] neighbour: arp_cache: neighbor table overflow!
[ 5382.686629] neighbour: arp_cache: neighbor table overflow!
[ 5382.687556] neighbour: arp_cache: neighbor table overflow!
[ 5382.688252] neighbour: arp_cache: neighbor table overflow!
[ 5382.688892] neighbour: arp_cache: neighbor table overflow!
[ 5382.689519] neighbour: arp_cache: neighbor table overflow!
[ 5382.690180] neighbour: arp_cache: neighbor table overflow!
[ 5382.690862] neighbour: arp_cache: neighbor table overflow!
[ 5382.691515] neighbour: arp_cache: neighbor table overflow!
好家伙 ARP的neighbour满了 ARP缓存直接溢出了
查看下gc阈值:
sysctl -a | grep net.ipv4.neigh.default.gc_thresh
结果:
net.ipv4.neigh.default.gc_thresh1 = 128
net.ipv4.neigh.default.gc_thresh2 = 512
net.ipv4.neigh.default.gc_thresh3 = 1024
sysctl: error reading key 'net.ipv6.conf.all.stable_secret': I/O error
sysctl: error reading key 'net.ipv6.conf.default.stable_secret': I/O error
sysctl: error reading key 'net.ipv6.conf.docker0.stable_secret': I/O error
sysctl: error reading key 'net.ipv6.conf.dummy0.stable_secret': I/O error
sysctl: error reading key 'net.ipv6.conf.erspan0.stable_secret': I/O error
sysctl: error reading key 'net.ipv6.conf.eth0.stable_secret': I/O error
sysctl: error reading key 'net.ipv6.conf.eth1.stable_secret': I/O error
sysctl: error reading key 'net.ipv6.conf.gretap0.stable_secret': I/O error
sysctl: error reading key 'net.ipv6.conf.ifb4eth1.stable_secret': I/O error
sysctl: error reading key 'net.ipv6.conf.lo.stable_secret': I/O error
sysctl: error reading key 'net.ipv6.conf.macvlan1.stable_secret': I/O error
sysctl: error reading key 'net.ipv6.conf.macvlan2.stable_secret': I/O error
sysctl: error reading key 'net.ipv6.conf.pppoe-vwan1.stable_secret': I/O error
sysctl: error reading key 'net.ipv6.conf.pppoe-vwan2.stable_secret': I/O error
sysctl: error reading key 'net.ipv6.conf.sit0.stable_secret': I/O error
临时修改一下:
sysctl -w net.ipv4.neigh.default.gc_thresh1=2048
sysctl -w net.ipv4.neigh.default.gc_thresh2=4096
sysctl -w net.ipv4.neigh.default.gc_thresh3=8192
sysctl -w net.ipv6.neigh.default.gc_thresh1=2048
sysctl -w net.ipv6.neigh.default.gc_thresh2=4096
sysctl -w net.ipv6.neigh.default.gc_thresh3=8192
修改/etc/sysctl.conf永久保存:
net.ipv4.neigh.default.gc_thresh1 = 2048
net.ipv4.neigh.default.gc_thresh2 = 4096
net.ipv4.neigh.default.gc_thresh3 = 8192
net.ipv6.neigh.default.gc_thresh1 = 2048
net.ipv6.neigh.default.gc_thresh2 = 4096
net.ipv6.neigh.default.gc_thresh3 = 8192
查看ARP条目
ip -4 neigh show nud all | wc -l
