Neighbor table overflow Error in Linux

The ‘neighbor table overflow’ is a VERY common linux issue on large networks. Some network trigger this with default linux settings (because the previous network regime put so many IP address subnets on a single vlan , it creates large ARP tables – which is not normal / default settings). It is not an indication of anything wrong. It is a trigger of linux default.

Here is how to adjust:
If you see this….

__ratelimit: 20 callbacks suppressed
Neighbour table overflow.

For busy networks increase the kernel’s internal ARP cache size. The following kernel variables are used:

To see current values, type:

Run this…

# sysctl net.ipv4.neigh.default.gc_thresh1
net.ipv4.neigh.default.gc_thresh1 = 128

# sysctl net.ipv4.neigh.default.gc_thresh2
net.ipv4.neigh.default.gc_thresh2 = 512

# sysctl net.ipv4.neigh.default.gc_thresh3
net.ipv4.neigh.default.gc_thresh3 = 1024

You need to make sure that the arp table to become bigger than the above defaults. The above limitations are good for small network or a single server. This will also affect your DNS traffic.

How Do I Fix “Neighbour Table Overflow” Error?

# vi /etc/sysctl.conf

Append the following:

 ## works best with <= 500 client computers ##
# Force gc to clean-up quickly
net.ipv4.neigh.default.gc_interval = 3600
# Set ARP cache entry timeout
net.ipv4.neigh.default.gc_stale_time = 3600
# Setup DNS threshold for arp
net.ipv4.neigh.default.gc_thresh3 = 4096
net.ipv4.neigh.default.gc_thresh2 = 2048
net.ipv4.neigh.default.gc_thresh1 = 1024

To load new changes type the following command:

# sysctl -p