[e-nsp] ARP Pending Entries queue being maxed out
Mikael Abrahamsson
swmike at swm.pp.se
Wed Sep 10 06:37:29 EDT 2014
On Wed, 10 Sep 2014, Warwick Duncan wrote:
> Hi Mikael
>
> On Wed, Sep 10, 2014 at 09:10:22AM +0200, Mikael Abrahamsson wrote:
> [..]
>> How many active and pending arp entries do you have?
>
> The last set of numbers we pulled was
> - Dynamic Entries : 347
> - Static Entries : 0
> - Pending Entries : 2048
>
> We've increased the maximum allowed value for Pending Entries as high as
> it can go.
How big are your subnets? From the look of it, it sounds like you have
fairly large subnets with traffic destined for IPs that do not exist
(scanning traffic?). This has been a problem before, I know people 10
years ago at Interop used large subnets out of the 45.0.0.0/8 they had,
and they had to lessen the size of the subnets because of scanning traffic
making the ARP engine in ExOS go haywire. So either try to remove this
unsolicited traffic to IPs not in use, or make the subnets smaller.
Either you do this, or you lower the pending timeout, I don't know if this
is possible, I don't have access to the gear you're using.
--
Mikael Abrahamsson email: swmike at swm.pp.se
More information about the extreme-nsp
mailing list