On 2013-06-05 18:25, Ricky Beam wrote:
That said, I do use a stripped Debian box as an inter-vlan router. You don't want to see the pages of tweaks it's taken to stop it being a broadcast storm generator. (and no, "arpd" is a stupid hack.) It's a beautiful thing to run "tcpdump ... broadcast" and see no packets!
(And I'm not too happy with the BS 32 interface limit for multicast routing.)
Actually, I'd love to see the pages of tweaks. Seems like it would be useful if I need to do this in the future :) Maybe drop it on the Debian wiki somewhere if you get the chance. Or at the least it would be nice to know what issues you're hitting now. You can tune the neighbor cache size and timeout via sysctl, so I would think it would be more of a memory limit than anything (unless the kernel uses a really poor hash lookup for ARP entries).
--Ricky
--Robert
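As an added illustration of the neighbor cache sysctls mentioned in the reply above (not code from either poster): the sketch below compares the Linux `net.ipv4.neigh.default.gc_thresh*` limits with an expected number of directly attached hosts. The helper names and the sample values are constructed for this example; the sample mirrors common kernel defaults.

```shell
#!/bin/sh
# Constructed sample in `sysctl` output format. On a live router, pass the
# output of `sysctl net.ipv4.neigh.default` as the second argument instead.
SAMPLE_SYSCTL='net.ipv4.neigh.default.gc_thresh1 = 128
net.ipv4.neigh.default.gc_thresh2 = 512
net.ipv4.neigh.default.gc_thresh3 = 1024
net.ipv4.neigh.default.gc_stale_time = 60
net.ipv4.neigh.default.base_reachable_time_ms = 30000'

# get_key TEXT KEY -> value of net.ipv4.neigh.default.KEY (empty if absent)
get_key() {
    printf '%s\n' "$1" |
        awk -F' *= *' -v k="net.ipv4.neigh.default.$2" '$1 == k { print $2; exit }'
}

# neigh_verdict EXPECTED_NEIGHBORS [SYSCTL_TEXT]
# Prints one of:
#   ok        expected count fits under the soft limit (gc_thresh2)
#   pressure  above the soft limit: the kernel garbage-collects aggressively
#   overflow  above the hard limit (gc_thresh3): the table can overflow
#   unknown   a threshold could not be read from the input
neigh_verdict() {
    expected=$1
    text=${2:-$SAMPLE_SYSCTL}
    soft=$(get_key "$text" gc_thresh2)
    hard=$(get_key "$text" gc_thresh3)
    if [ -z "$soft" ] || [ -z "$hard" ]; then
        echo unknown
        return 1
    fi
    if [ "$expected" -gt "$hard" ]; then
        echo overflow
    elif [ "$expected" -gt "$soft" ]; then
        echo pressure
    else
        echo ok
    fi
}
```

On an inter-vlan router the expected count is the sum of live hosts across all attached VLANs, since every one of them occupies a neighbor entry on the box.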