From owner-freebsd-isp Tue Jul 17 11:31: 0 2001 Delivered-To: freebsd-isp@freebsd.org Received: from workhorse.iMach.com (workhorse.iMach.com [206.127.77.89]) by hub.freebsd.org (Postfix) with ESMTP id 807F637B401 for ; Tue, 17 Jul 2001 11:30:52 -0700 (PDT) (envelope-from forrestc@imach.com) Received: from localhost (forrestc@localhost) by workhorse.iMach.com (8.9.3/8.9.3) with ESMTP id MAA26882; Tue, 17 Jul 2001 12:29:24 -0600 (MDT) Date: Tue, 17 Jul 2001 12:29:23 -0600 (MDT) From: "Forrest W. Christian" To: Dev Cc: freebsd-isp@FreeBSD.ORG Subject: Re: HELP NEEDED. :) ARP problems - ARP incomplete showing up on our network In-Reply-To: <3B5438A1.B7A54A1D@wserv8.inetu.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org You are probably being attacked. Make sure you have ICMP_BANDLIM in the kernel. Look for "Limiting .... response" messages in the syslog. increase your NMBCLUSTERS. The max recommended is 32768. I usually use 32767. When this is happening see what netstat -m shows., or look at an output of a machine which has shown this symptom and look at the max values. On Tue, 17 Jul 2001, Dev wrote: > Date: Tue, 17 Jul 2001 09:07:45 -0400 > From: Dev > To: freebsd-isp@FreeBSD.ORG > Subject: HELP NEEDED. :) ARP problems - ARP incomplete showing up on our > network > > > We have been having a problem for the last 24-36 hours on our network. > > We have about 350 servers (50% FreeBSD, 50% NT/2000 and a few Linux) > > Servers have started to be inaccessible through our router (and > sometimes > through other servers). > > The ARP table in our router will show an INCOMPLETE next to the Arp > entry > which is having trouble. > > These problems surface about every 30 minutes and servers will go down > about every 4 hours. > > This problem seems to affect ONLY FreeBSD servers (and 2 Cobalt/Linux > servers). In total, about 20-30 servers. > > Does anyone have any ideas on what we can check? While our network is > largely flat, we do route blocks of addresses directly to servers, our > arp > table in our router is fairly small (about 500 entries). > > Any help would be greatly appreciated. We have tried a lot, but cannot > figure out what is causing the problem. We did not have this problem > before, and many of the servers affected have been running for 1-2 years > > without any problems. > > We use 3COM and Intel NIC's, Nortel switches (303, 310) and a 7206VXR > routers. > > Thanks. > -Dev > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > - Forrest W. Christian (forrestc@imach.com) AC7DE ---------------------------------------------------------------------- The Innovation Machine Ltd. P.O. Box 5749 http://www.imach.com/ Helena, MT 59604 Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 ---------------------------------------------------------------------- Protect your personal freedoms - visit http://www.lp.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message