[CentOS] Neighbour table overflow

Mon Dec 1 22:27:29 UTC 2008
Ross Walker <rswwalker at gmail.com>

On Mon, Dec 1, 2008 at 3:25 PM, chloe K <chloekcy2000 at yahoo.ca> wrote:
>> John R Pierce <pierce at hogranch.com> wrote:
>> chloe K wrote:
>>> you have the network /20 so that you got this neighbour overflow
>>> you should subnet it
>>>
>>
>> no, no, NO. his eth1 connection is from his ISP. He /has/ to use
>> the supplied netmask, he can't reconfigure their network segment.
>
> no. he can subnet it
>
> Typically ISP can assign /20. but client can subnet it
>
> two networks /22 /22
>
> or
>
> 16 networks /24

No, actually he CANNOT subnet it.

First the network segment wasn't assigned to him at all, he is 1 node
in the ISP's network segment.

Second the ISP's default gateway is 65.188.0.1 and he can get any IP
in that segment, which means if he tries to force segmentation on it
he will most likely end up making his default route unreachable.

It is probably the result of a broadcast storm or some type of ICMP
flood attack on the segment.

Shorten the lifetime of the ARPs in the table for that interface
and/or disable ARPs on that interface and set manual ARP entries for
the routers.

-Ross
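
An added example, not part of the original post: a shell helper that summarises `ip -4 neigh show` output per interface against the table limit, plus two functions that print (without running) the commands for the two options in the last paragraph. Assumptions: Linux with iproute2, `gc_thresh3` as the table's hard limit, `gc_stale_time` as the lifetime setting meant, and constructed sample entries using documentation MAC addresses.

```shell
#!/bin/sh
# Added example; all sample data is constructed (00:00:5e:00:53:xx are
# documentation MAC addresses, eth0 and its entry are hypothetical).

# Summarise `ip -4 neigh show` output read from stdin.
# $1 = table limit (live host: sysctl -n net.ipv4.neigh.default.gc_thresh3)
neigh_report() {
    awk -v limit="$1" '
        {
            dev = ""
            for (i = 1; i < NF; i++) if ($i == "dev") dev = $(i + 1)
            if (dev == "") next
            total[dev]++; all++
            # FAILED/INCOMPLETE: ARP was sent but no usable reply came back
            if ($NF == "FAILED" || $NF == "INCOMPLETE") bad[dev]++
        }
        END {
            for (d in total)
                printf("%s total=%d unresolved=%d\n", d, total[d], bad[d] + 0) | "sort"
            close("sort")
            printf("table total=%d limit=%d %s\n", all, limit, (all >= limit) ? "FULL" : "ok")
        }'
}

# Option 1: shorter entry lifetime. $1 = interface, $2 = seconds.
# Assumption: gc_stale_time is the setting the post refers to.
short_lifetime_plan() {
    printf 'sysctl -w net.ipv4.neigh.%s.gc_stale_time=%s\n' "$1" "$2"
}

# Option 2: pin the router MAC first, then turn ARP off on the interface.
# $1 = interface, $2 = router IP, $3 = router MAC
static_arp_plan() {
    printf 'ip neigh replace %s lladdr %s nud permanent dev %s\n' "$2" "$3" "$1"
    printf 'ip link set dev %s arp off\n' "$1"
}

# Constructed sample of `ip -4 neigh show` output.
SAMPLE='65.188.0.1 dev eth1 lladdr 00:00:5e:00:53:01 REACHABLE
65.188.3.17 dev eth1  FAILED
65.188.4.9 dev eth1  INCOMPLETE
65.188.9.200 dev eth1  FAILED
192.168.1.10 dev eth0 lladdr 00:00:5e:00:53:10 STALE'

printf '%s\n' "$SAMPLE" | neigh_report 1024
short_lifetime_plan eth1 30
static_arp_plan eth1 65.188.0.1 00:00:5e:00:53:01
```

On a live host, feed it with `ip -4 neigh show | neigh_report "$(sysctl -n net.ipv4.neigh.default.gc_thresh3)"`; the printed plan lines are meant to be reviewed and then run as root, with the permanent entry added before ARP is switched off so the default route stays reachable.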