In message <3C862901.171A34C7@xxxxxxxxxxxxxxxxxx> you write:
> Mar 6 14:35:22 albatross kernel: Neighbour table overflow.
> Mar 6 14:35:22 albatross kernel: MASQUERADE: No route: Rusty's brain
> broke!
> Mar 6 14:35:25 albatross last message repeated 144 times
>
> After a while the system gets all messed up and cannot even be
> rebooted from the console. Just pulling the plug helps.
This means that no route could be found for the masqueraded packets.
I've never seen this before, but I think the real problem is the
neighbour table overflow.
CC:'d to netdev..
> This is our system:
> Celeron (Coppermine)/700MHz (Dell PowerApp 110)
> 256Mbyte RAM
> Linux RedHat 7.1
> kernel-2.4.9-31 (not recompiled)
>
>
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> 255.255.255.255 0.0.0.0 255.255.255.255 UH 0 0 0
> eth0
> 212.247.164.192 0.0.0.0 255.255.255.224 U 0 0 0
> eth0
> 212.247.164.224 0.0.0.0 255.255.255.224 U 0 0 0
> eth1
> 193.12.201.0 212.247.164.197 255.255.255.0 UG 0 0 0
> eth0
> 192.0.1.0 0.0.0.0 255.255.255.0 U 0 0 0
> eth0
> 172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0
> eth0
> 172.19.0.0 212.247.164.197 255.255.0.0 UG 0 0 0
> eth0
> 172.20.0.0 212.247.164.197 255.255.0.0 UG 0 0 0
> eth0
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0
> lo
> 0.0.0.0 212.247.164.254 0.0.0.0 UG 0 0 0
> eth1
>
>
> Interfaces:
> eth0 Link encap:Ethernet HWaddr 00:02:B3:86:37:24
> inet addr:212.247.164.195 Bcast:212.247.164.223 =
>
> Mask:255.255.255.224
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:3584842 errors:0 dropped:0 overruns:0 frame:0
> TX packets:3984789 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:100
> Interrupt:5 Base address:0x4000
> =
>
> eth0:0 Link encap:Ethernet HWaddr 00:02:B3:86:37:24
> inet addr:192.0.1.1 Bcast:192.0.1.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> Interrupt:5 Base address:0x4000
> =
>
> eth0:1 Link encap:Ethernet HWaddr 00:02:B3:86:37:24
> inet addr:172.18.0.1 Bcast:172.18.255.255 Mask:255.255.0.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> Interrupt:5 Base address:0x4000
> =
>
> eth1 Link encap:Ethernet HWaddr 00:02:B3:86:37:25
> inet addr:212.247.164.253 Bcast:212.247.164.255 =
>
> Mask:255.255.255.224
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:1591438 errors:0 dropped:0 overruns:0 frame:0
> TX packets:1192510 errors:0 dropped:0 overruns:0 carrier:0
> collisions:69390 txqueuelen:100
> Interrupt:5 Base address:0x6000
> =
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> UP LOOPBACK RUNNING MTU:16436 Metric:1
> RX packets:21252 errors:0 dropped:0 overruns:0 frame:0
> TX packets:21252 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
>
>
> # /sbin/ip rule list
> 0: from all lookup local
> 32765: from 172.20.0.0/16 lookup telia
> 32766: from all lookup main
> 32767: from all lookup 253
>
> # /sbin/ip route list table telia
> default via 212.247.164.196 dev eth0
>
>
> # /sbin/iptables -L -vn -t nat
> Chain PREROUTING (policy ACCEPT 230K packets, 11M bytes)
> pkts bytes target prot opt in out source =
>
> destination
> 0 0 DROP all -- eth1 * 192.168.0.0/16 =
>
> 0.0.0.0/0
> 10 3536 DROP all -- eth1 * 10.0.0.0/8 =
>
> 0.0.0.0/0
> =
>
> Chain POSTROUTING (policy ACCEPT 55939 packets, 3347K bytes)
> pkts bytes target prot opt in out source =
>
> destination
> 15062 782K MASQUERADE all -- * eth1 172.18.0.0/16 =
>
> 0.0.0.0/0
> 1 57 MASQUERADE all -- * eth1 172.19.0.0/16 =
>
> 0.0.0.0/0
> 7764 399K MASQUERADE all -- * eth1 172.20.0.0/16 =
>
> 0.0.0.0/0
> 44041 2247K MASQUERADE all -- * eth0 172.20.0.0/16 =
>
> 0.0.0.0/0
> =
>
> Chain OUTPUT (policy ACCEPT 11777 packets, 1058K bytes)
> pkts bytes target prot opt in out source =
>
> destination
--
Anyone who quotes me in their sig is an idiot. -- Rusty Russell.
|