Support Center > Search Results > SecureKnowledge Details
ARP table size keeps increasing Technical Level
  • Value of the output from 'arp -na' keeps increasing, until it is cleared manually or device is rebooted.
  • The command 'ip neighbor' output shows large number of "STALE" entries. (You can run: "ip neighbor | grep "STALE" | wc-l")
  • The value of 'arp -an' may not continually increase, but the size of the arp slab cache increases, which may lead to the following messages logged in /var/log/messages:
    kernel: Neighbour table overflow
    kernel: [fw4_0];fwmultik_f2p_routing: fw_os_route_retrieve_streaming failed
  • The size of the arp slab cache can be monitored with the following command:cat /proc/slabinfo | grep "arp", with the associated gc_thres (garbage collection thresholds) viewed with the following command: grep "" /proc/sys/net/ipv4/neigh/*/* | grep "gc_thres"
  • Show arp cache slab size:
    # cat /proc/slabinfo | grep "arp"
  • Show neighbour table count:
    # ip -s -s neigh show nud all | grep ".*" -c

A leak in the routing table, where the entries are not getting flushed.

Note: To view this solution you need to Sign In .