-----Original Message----- From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of John R Pierce Sent: Friday, November 28, 2008 5:14 PM To: CentOS mailing list Subject: Re: [CentOS] Neighbour table overflow chloe K wrote: > you have the network /20 so that you got this neigbour overlfow you > should subnet it > no, no, NO. his eth1 connection is from his ISP. He /has/ to use the supplied netmask, he can't reconfigure their network segment. now, why is ARP table is overflowing is another issue entirely. Thomas, can you try this? Do.... arp -an | grep 65.188.0.1 Hi John, The output from arp -an | grep 65.188.0.1 is: ? (65.188.0.1) at 00:1B:54:CB:7A::05 and pick out the "MAC" address of your gateway router, this will look something like... ? (65.188.0.1) at 00:17:CB:4F:97:81 [ether] on eth1 So, the MAC address above is 00:17:CB:4F:97:81 ... yours definitely will be different.... now, # tcpdump -i eth1 -n ip host 65.188.xxx.xxx and not ether host 00:17:CB:4F:97:81 (replacing that with your gateway router's MAC address as determined from that ARP command, and xxx.xxx with your eth1 IP address as shown in `ifconfig eth1`) this will catch all traffic between you and another IP on your ISP local segment thats NOT talking to the gateway router paste 50 lines or so of the output of this here and maybe we can figure out whats going on. OK, I think you lost me on that last part. I ran tcpdump -i eth1 -n ip host 65.188.0.1 and got: Tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes 0 packets captred 0 packets received by filter 0 packets dropped by kernel Thanks!! _______________________________________________ CentOS mailing list CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos