Manage ARP table overflow

In larger deployments that use the PCP broker, you might encounter Address Resolution Protocol (ARP) table overflows.

Overflows occur when the ARP table (which is a local cache of IP-to-MAC-address resolutions) becomes full and starts evicting old entries. When long-established, but frequently-used, entries are evicted, network traffic increases to restore them. This increases network latency and CPU load on the broker.

Here is an example of a typical ARP table overflow log message:

[root@s1 peadmin]# tail -f /var/log/messages
Aug 10 22:42:36 s1 kernel: Neighbour table overflow.
Aug 10 22:42:36 s1 kernel: Neighbour table overflow.
Aug 10 22:42:36 s1 kernel: Neighbour table overflow.

To resolve this issue, you need to increase sysctl settings related to ARP tables.

For example, these settings are appropriate for networks hosting up to 2000 agents:

# Set max table size
net.ipv6.neigh.default.gc_thresh3=4096
net.ipv4.neigh.default.gc_thresh3=4096
# Start aggressively clearing the table at this threshold
net.ipv6.neigh.default.gc_thresh2=2048
net.ipv4.neigh.default.gc_thresh2=2048
# Don't clear any entries until this threshold
net.ipv6.neigh.default.gc_thresh1=1024
net.ipv4.neigh.default.gc_thresh1=1024