Linux: Neighbour Table Overflow Error and Solution

GIT – I set up a based server running as a gateway and firewall server. However, I’m getting the following messages in the /var/log/messages log file:

Dec 20 00:41:01 fw01 kernel: Neighbour table overflow.
Dec 20 00:41:01 fw01 last message repeated 20 times


Dec 20 00:41:01 fw03 kernel: [ 8987.821184] Neighbour table overflow.
Dec 20 00:41:01 fw03 kernel: [ 8987.860465] printk: 100 messages suppressed.

Why does the kernel throw “Neighbour table overflow” messages in syslog? How do I fix this problem under CentOS / RHEL / Fedora / Linux?

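For busy networks (or a gateway / firewall Linux server) it is mandatory to increase the kernel’s internal ARP cache size. The following kernel variables are used:

net.ipv4.neigh.default.gc_thresh1
net.ipv4.neigh.default.gc_thresh2
net.ipv4.neigh.default.gc_thresh3

To see current values, type:

# sysctl net.ipv4.neigh.default.gc_thresh1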

Sample outputs:

net.ipv4.neigh.default.gc_thresh1 = 128

Type the following command:

# sysctl net.ipv4.neigh.default.gc_thresh2

Sample outputs:

net.ipv4.neigh.default.gc_thresh2 = 512

Type the following command:

# sysctl net.ipv4.neigh.default.gc_thresh3

Sample outputs:

net.ipv4.neigh.default.gc_thresh3 = 1024

So you need to make the ARP table bigger than the above defaults. The above limits are good for a small network or a single server. This will also affect your DNS traffic.

How Do I Fix “Neighbour Table Overflow” Error?

Edit /etc/sysctl.conf file, enter:

# vi /etc/sysctl.conf

Append the following values (this is taken from a server that protects over 200 desktops running MS-Windows, Linux, and OS X):

## works best with <= 500 client computers ##
# Interval (in seconds) at which the neighbour garbage collector tries to run
net.ipv4.neigh.default.gc_interval = 3600

# How often (in seconds) to check for stale ARP cache entries
net.ipv4.neigh.default.gc_stale_time = 3600

# Raise the ARP cache thresholds (gc_thresh1 < gc_thresh2 < gc_thresh3)
net.ipv4.neigh.default.gc_thresh3 = 4096
net.ipv4.neigh.default.gc_thresh2 = 2048
net.ipv4.neigh.default.gc_thresh1 = 1024

To load the new changes, type the following command:

# sysctl -p
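
To see how close the neighbour table is to the thresholds before and after tuning, the script below counts entries from `ip -4 neigh show` output and classifies the count against gc_thresh1/2/3. It is an added example, not part of the original article; the function names, the sample entries and the small demo thresholds are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): compare the neighbour
# (ARP) table size with gc_thresh1/2/3. Function names are hypothetical.

# Count entries in `ip -4 neigh show` output read from stdin.
# Assumption: every non-empty line is one table entry.
count_neigh() {
    awk 'NF { n++ } END { print n + 0 }'
}

# Entries per interface, busiest first: shows which segment fills the table.
neigh_by_dev() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "dev") c[$(i + 1)]++ }
         END { for (d in c) print c[d], d }' | sort -rn
}

# Classify COUNT against the thresholds.
# usage: neigh_level COUNT THRESH1 THRESH2 THRESH3
neigh_level() {
    if   [ "$1" -ge "$4" ]; then echo "overflow"    # hard maximum reached
    elif [ "$1" -ge "$3" ]; then echo "soft-limit"  # soft maximum reached
    elif [ "$1" -ge "$2" ]; then echo "gc-active"   # garbage collector runs
    else                         echo "ok"          # below gc_thresh1
    fi
}

# Constructed sample of `ip -4 neigh show` output (documentation addresses).
sample_neigh() {
    cat <<'EOF'
192.0.2.1 dev eth0 lladdr 00:00:5e:00:53:01 REACHABLE
192.0.2.10 dev eth1 lladdr 00:00:5e:00:53:0a STALE
192.0.2.11 dev eth1 lladdr 00:00:5e:00:53:0b DELAY
192.0.2.12 dev eth1 FAILED
EOF
}

# Demo on the sample with artificially small thresholds (2/3/4).
n=$(sample_neigh | count_neigh)
echo "sample: $n entries -> $(neigh_level "$n" 2 3 4)"
sample_neigh | neigh_by_dev

# On a live system, feed real data instead of the sample:
#   n=$(ip -4 neigh show | count_neigh)
#   neigh_level "$n" \
#     "$(sysctl -n net.ipv4.neigh.default.gc_thresh1)" \
#     "$(sysctl -n net.ipv4.neigh.default.gc_thresh2)" \
#     "$(sysctl -n net.ipv4.neigh.default.gc_thresh3)"
```

A result of `soft-limit` or `overflow` on a live gateway means the current thresholds are too small for the number of hosts it talks to.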
