I use vyos to router Ipv6 but table-size only 32768, is there any option to increase table-size over 32768 or tunning to reduce INCOMPLETE and FAILED neighbor
table-size on my router
ip -6 neigh show | awk '{print $NF}' | sort | uniq -c
2852 DELAY
7808 FAILED
3429 INCOMPLETE
6 PROBE
15108 REACHABLE
1897 STALE
If you reboot your VyOS - will the INCOMPLETE and FAILED remain at 0 until the sum of hosts passes 32768?
Because looking at your numbers such as the sum of REACHABLE and STALE (and DELAY) is lower than 32768 so your INCOMPLETE and FAILED perhaps is due to something along the road or on the host side of these neighbor discoveries?
I mean increasing from 32768 wont solve your issue.
One reason why a discovery can fail is if upstream do an IP-scan or otherwise try to communicate with hosts that currently doesnt exist. Your VyOS who then is the gateway for these hosts will try to use neighbor discovery to find out if that host exists. This is why you for infrastructure links (hops between routers and/or firewalls) should allocate a /64 but then configure that as a /126 or /127.
Another reason for a failed discovery can be when the host is using privacy mode (where the last 64 bits isnt constructed based on MAC-address to make it unique) and switches which IP it will look like right now (normally with a reboot in between) but some upstream device still tries to reach the old IP.
yes, after reboot it running ok, but if over 32768 it log show" neighbour: ndisc_cache: neighbor table overflow!"
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.