IPv6 · munin

IPv6 conntrack and munin

pre { font-family:arial; font-size:12px; border:1px dashed #CCCCCC; width:99%; height:auto; overflow:auto; background:#f0f0f0; padding:0px;color:#000000; text-align:left; line-height:20px; } code { color:#000000; word-wrap:normal; } Argh, my beloved linux IPv6 firewall was suffering, too many connections, munin graphs not updating; this needed looking at… Firstly I noticed multiple entries of the following in kern.log: nf_conntrack: table full, dropping packet After… Continue reading IPv6 conntrack and munin

IPv6 · Monitoring · munin

Munin IPv6 neighbor state graphs

A recent issue with a Linux IPv6 firewall which saw on-link hosts appear to be flapping according to monitoring tools, highlighting a IPv6 ND table overflow problem. The short version of the solution required: net.ipv6.neigh.default.gc_thresh1 = 256 net.ipv6.neigh.default.gc_thresh2 = 1024 net.ipv6.neigh.default.gc_thresh3 = 2048 To keep an eye on the neighbor table I created a series… Continue reading Munin IPv6 neighbor state graphs