Router disappearing from route table (Linux)Tuning Linux IP routing parameters — secret_interval and tcp_memHow do I delete a route from Linux routing tableSelecting gateway on application level on LinuxLoad balancing network traffic using iptablesarp table entry outside configured networkipsec/strongswan - how to use remote router as local gateway using the route commandunable to route through linux gatewayWhy does Linux answer to ARP on incorrect interfaces?VPN Router does not reply to ARP RequestsHow to do routing between the instances in AWS using Route Table?

Peace Arch without exiting USA

Can’t attend PhD conferences

What is the legal status of travelling with (unprescribed) methadone in your carry-on?

Is adding a new player (or players) a DM decision, or a group decision?

Through the Looking-Glass

Why is C++ initial allocation so much larger than C's?

Alphabet completion rate

What kind of wire should I use to pigtail an outlet?

Require advice on power conservation for backpacking trip

Is there any evidence that the small canisters (10 liters) of 95% oxygen actually help with altitude sickness?

How can I deal with a coworker killed on the job

Are there any vegetarian astronauts?

Policemen catch thieves

Why aren't (poly-)cotton tents more popular?

Catching generic Exception in a toString implementation - bad practice?

Does Marvel have an equivalent of the Green Lantern?

ては's role in this 「追いかけては来ないでしょう」

Could Sauron have read Tom Bombadil's mind if Tom had held the Palantir?

First-year PhD giving a talk among well-established researchers in the field

Plotting with different color for a single curve

Should I tell my insurance company I'm making payments on my new car?

Links to webpages in books

Impossible darts scores

Should I hide continue button until tasks are completed?



Router disappearing from route table (Linux)


Tuning Linux IP routing parameters — secret_interval and tcp_memHow do I delete a route from Linux routing tableSelecting gateway on application level on LinuxLoad balancing network traffic using iptablesarp table entry outside configured networkipsec/strongswan - how to use remote router as local gateway using the route commandunable to route through linux gatewayWhy does Linux answer to ARP on incorrect interfaces?VPN Router does not reply to ARP RequestsHow to do routing between the instances in AWS using Route Table?






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








1















I'm running SLES 12 SP3 in a production environment. There are several interfaces configured on two separate networks. Things are working fine for a while(days at a time) and for no apparent reason, 1 or 2 of the gateways will get dropped from the route table. There is no indication as to why in any logs(/var/log/messages). The ARP table still shows entries from the interfaces in question to the router IP addresses.



I know the Linux kernel does route table garbage collection, and there are tunables related to this. But the route table doesn't appear nearly full, there are less then 50 entries in it. Are there other events that cause the Linux kernel to remove a gateway from the route table? Are there other places I should be looking on the system for clues as to why the router was removed?



Thanks in advance.






routing linux-networking gateway linux-kernel sles12







share|improve this question






















  • Do you use any routing daemons or DHCP clients?

    – eckes
    Jun 10 at 7:05











  • DHCP is not in play, all IP addresses on the host in question are static. I am not running any routing daemons that I know of.

    – jetson23
    Jun 12 at 11:47











  • @eckes - Just curious as to if you were inferring anything specific by implicating DHCP (or a routing daemon)? I am trying to determine if DHCP is definitely disabled on my system. I'm also suspicious of wicked and nanny doing things unexpectedly.

    – jetson23
    yesterday











  • Nö, it’s just that the only reason I can imagine is user mode. And dhcp Clients and routing daemons are the only ones messing with the routing table by default

    – eckes
    yesterday











  • Thanks @eckes. Can you give some examples of routing daemons that might do this? Are there standard routing daemons that come with SLES that I can look for on my system?

    – jetson23
    13 hours ago

















1















I'm running SLES 12 SP3 in a production environment. There are several interfaces configured on two separate networks. Things are working fine for a while(days at a time) and for no apparent reason, 1 or 2 of the gateways will get dropped from the route table. There is no indication as to why in any logs(/var/log/messages). The ARP table still shows entries from the interfaces in question to the router IP addresses.



I know the Linux kernel does route table garbage collection, and there are tunables related to this. But the route table doesn't appear nearly full, there are less then 50 entries in it. Are there other events that cause the Linux kernel to remove a gateway from the route table? Are there other places I should be looking on the system for clues as to why the router was removed?



Thanks in advance.






routing linux-networking gateway linux-kernel sles12







share|improve this question






















  • Do you use any routing daemons or DHCP clients?

    – eckes
    Jun 10 at 7:05











  • DHCP is not in play, all IP addresses on the host in question are static. I am not running any routing daemons that I know of.

    – jetson23
    Jun 12 at 11:47











  • @eckes - Just curious as to if you were inferring anything specific by implicating DHCP (or a routing daemon)? I am trying to determine if DHCP is definitely disabled on my system. I'm also suspicious of wicked and nanny doing things unexpectedly.

    – jetson23
    yesterday











  • Nö, it’s just that the only reason I can imagine is user mode. And dhcp Clients and routing daemons are the only ones messing with the routing table by default

    – eckes
    yesterday











  • Thanks @eckes. Can you give some examples of routing daemons that might do this? Are there standard routing daemons that come with SLES that I can look for on my system?

    – jetson23
    13 hours ago













1












1








1


1






I'm running SLES 12 SP3 in a production environment. There are several interfaces configured on two separate networks. Things are working fine for a while(days at a time) and for no apparent reason, 1 or 2 of the gateways will get dropped from the route table. There is no indication as to why in any logs(/var/log/messages). The ARP table still shows entries from the interfaces in question to the router IP addresses.



I know the Linux kernel does route table garbage collection, and there are tunables related to this. But the route table doesn't appear nearly full, there are less then 50 entries in it. Are there other events that cause the Linux kernel to remove a gateway from the route table? Are there other places I should be looking on the system for clues as to why the router was removed?



Thanks in advance.






routing linux-networking gateway linux-kernel sles12







share|improve this question














I'm running SLES 12 SP3 in a production environment. There are several interfaces configured on two separate networks. Things are working fine for a while(days at a time) and for no apparent reason, 1 or 2 of the gateways will get dropped from the route table. There is no indication as to why in any logs(/var/log/messages). The ARP table still shows entries from the interfaces in question to the router IP addresses.



I know the Linux kernel does route table garbage collection, and there are tunables related to this. But the route table doesn't appear nearly full, there are less then 50 entries in it. Are there other events that cause the Linux kernel to remove a gateway from the route table? Are there other places I should be looking on the system for clues as to why the router was removed?



Thanks in advance.






routing linux-networking gateway linux-kernel sles12




routing linux-networking gateway linux-kernel sles12






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Jun 7 at 19:19









jetson23jetson23

212 bronze badges




212 bronze badges












  • Do you use any routing daemons or DHCP clients?

    – eckes
    Jun 10 at 7:05











  • DHCP is not in play, all IP addresses on the host in question are static. I am not running any routing daemons that I know of.

    – jetson23
    Jun 12 at 11:47











  • @eckes - Just curious as to if you were inferring anything specific by implicating DHCP (or a routing daemon)? I am trying to determine if DHCP is definitely disabled on my system. I'm also suspicious of wicked and nanny doing things unexpectedly.

    – jetson23
    yesterday











  • Nö, it’s just that the only reason I can imagine is user mode. And dhcp Clients and routing daemons are the only ones messing with the routing table by default

    – eckes
    yesterday











  • Thanks @eckes. Can you give some examples of routing daemons that might do this? Are there standard routing daemons that come with SLES that I can look for on my system?

    – jetson23
    13 hours ago

















  • Do you use any routing daemons or DHCP clients?

    – eckes
    Jun 10 at 7:05











  • DHCP is not in play, all IP addresses on the host in question are static. I am not running any routing daemons that I know of.

    – jetson23
    Jun 12 at 11:47











  • @eckes - Just curious as to if you were inferring anything specific by implicating DHCP (or a routing daemon)? I am trying to determine if DHCP is definitely disabled on my system. I'm also suspicious of wicked and nanny doing things unexpectedly.

    – jetson23
    yesterday











  • Nö, it’s just that the only reason I can imagine is user mode. And dhcp Clients and routing daemons are the only ones messing with the routing table by default

    – eckes
    yesterday











  • Thanks @eckes. Can you give some examples of routing daemons that might do this? Are there standard routing daemons that come with SLES that I can look for on my system?

    – jetson23
    13 hours ago
















Do you use any routing daemons or DHCP clients?

– eckes
Jun 10 at 7:05





Do you use any routing daemons or DHCP clients?

– eckes
Jun 10 at 7:05













DHCP is not in play, all IP addresses on the host in question are static. I am not running any routing daemons that I know of.

– jetson23
Jun 12 at 11:47





DHCP is not in play, all IP addresses on the host in question are static. I am not running any routing daemons that I know of.

– jetson23
Jun 12 at 11:47













@eckes - Just curious as to if you were inferring anything specific by implicating DHCP (or a routing daemon)? I am trying to determine if DHCP is definitely disabled on my system. I'm also suspicious of wicked and nanny doing things unexpectedly.

– jetson23
yesterday





@eckes - Just curious as to if you were inferring anything specific by implicating DHCP (or a routing daemon)? I am trying to determine if DHCP is definitely disabled on my system. I'm also suspicious of wicked and nanny doing things unexpectedly.

– jetson23
yesterday













Nö, it’s just that the only reason I can imagine is user mode. And dhcp Clients and routing daemons are the only ones messing with the routing table by default

– eckes
yesterday





Nö, it’s just that the only reason I can imagine is user mode. And dhcp Clients and routing daemons are the only ones messing with the routing table by default

– eckes
yesterday













Thanks @eckes. Can you give some examples of routing daemons that might do this? Are there standard routing daemons that come with SLES that I can look for on my system?

– jetson23
13 hours ago





Thanks @eckes. Can you give some examples of routing daemons that might do this? Are there standard routing daemons that come with SLES that I can look for on my system?

– jetson23
13 hours ago










1 Answer
1






active

oldest

votes


















1














Linux dropped routing cache for IPv4 (only) in kernel 3.6. That's described there for example: David Miller: routing cache is dead, now what ?. It relies now only on LPC-trie for performance. So as far as I understand there's no route garbage collection done for IPv4 on SLES12 which should be at least kernel 3.12 if not higher.



You could keep the command ip -ts monitor running and log its output for later analysis to find what's going on, especially around when the route disappeared. For example maybe some address also disappeared and reappeared, while leaving the route lost?






share|improve this answer


















  • 1





    But if several interfaces are using the same IP LAN on the same ethernet LAN expect trouble anyway: ARP flux etc unless you configure the system for this. Though this shouldn't make routes disappear in the routing table.

    – A.B
    Jun 7 at 21:59











  • Thanks for your response @A.B. I've been playing with "ip -ts monitor" and that may help me figure out what exactly is going on at the time, since there's no real indication of if/when this is going to happen. Could you explain more about your second comment? The ARP table looks ok after the fact. Both routers have an entry in the ARP cache for their appropriate interfaces. I was trying to paste the ARP table but the response is too long. I guess I'm wondering what the issues might be? Thanks.

    – jetson23
    Jun 8 at 20:20






  • 1





    About "ARP flux" (that you could also search on internet):you have to check on the peer systems (including routers) that each (of you system) interface's IP has its own ARP entry with its MAC. Usually a single card's MAC is present for all IPs, thus forcing all incoming traffic through a single card. Sometimes you even have to disable rp_filter because of this.That's not a problem unless you rely on bandwidth or redondancy. Of course there are settings to make it behave as intended but it's not trivial (and there are questions on SF or UL SE about it, and two categories of answers for the fix)

    – A.B
    Jun 9 at 11:00












  • Thanks @A.B. I did some reading on ARP flux, and as it turns out, according to the sources I read, we had already set up our sysctl parameters to prevent this issue(arp_announce = 2 and arp_ignore = 1). So I don't think that's what's getting us. Going back to "ip -ts monitor", from the output I see that routes on our system become "STALE", and then are "PROBE"d and set to "REACHABLE", which I'm assuming means they responded to the probe. Would a route be removed if the router didn't respond? What happens if there's heavy traffic and the response packet happens to get dropped?

    – jetson23
    Jun 10 at 19:48











  • run instead: ip -ts monitor link , ip -ts monitor address , ip -ts monitor route. stale reachable etc is about ARP (with ip neighbour) and thus not about routes.

    – A.B
    Jun 10 at 21:11













Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f970606%2frouter-disappearing-from-route-table-linux%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









1














Linux dropped routing cache for IPv4 (only) in kernel 3.6. That's described there for example: David Miller: routing cache is dead, now what ?. It relies now only on LPC-trie for performance. So as far as I understand there's no route garbage collection done for IPv4 on SLES12 which should be at least kernel 3.12 if not higher.



You could keep the command ip -ts monitor running and log its output for later analysis to find what's going on, especially around when the route disappeared. For example maybe some address also disappeared and reappeared, while leaving the route lost?






share|improve this answer


















  • 1





    But if several interfaces are using the same IP LAN on the same ethernet LAN expect trouble anyway: ARP flux etc unless you configure the system for this. Though this shouldn't make routes disappear in the routing table.

    – A.B
    Jun 7 at 21:59











  • Thanks for your response @A.B. I've been playing with "ip -ts monitor" and that may help me figure out what exactly is going on at the time, since there's no real indication of if/when this is going to happen. Could you explain more about your second comment? The ARP table looks ok after the fact. Both routers have an entry in the ARP cache for their appropriate interfaces. I was trying to paste the ARP table but the response is too long. I guess I'm wondering what the issues might be? Thanks.

    – jetson23
    Jun 8 at 20:20






  • 1





    About "ARP flux" (that you could also search on internet):you have to check on the peer systems (including routers) that each (of you system) interface's IP has its own ARP entry with its MAC. Usually a single card's MAC is present for all IPs, thus forcing all incoming traffic through a single card. Sometimes you even have to disable rp_filter because of this.That's not a problem unless you rely on bandwidth or redondancy. Of course there are settings to make it behave as intended but it's not trivial (and there are questions on SF or UL SE about it, and two categories of answers for the fix)

    – A.B
    Jun 9 at 11:00












  • Thanks @A.B. I did some reading on ARP flux, and as it turns out, according to the sources I read, we had already set up our sysctl parameters to prevent this issue(arp_announce = 2 and arp_ignore = 1). So I don't think that's what's getting us. Going back to "ip -ts monitor", from the output I see that routes on our system become "STALE", and then are "PROBE"d and set to "REACHABLE", which I'm assuming means they responded to the probe. Would a route be removed if the router didn't respond? What happens if there's heavy traffic and the response packet happens to get dropped?

    – jetson23
    Jun 10 at 19:48











  • run instead: ip -ts monitor link , ip -ts monitor address , ip -ts monitor route. stale reachable etc is about ARP (with ip neighbour) and thus not about routes.

    – A.B
    Jun 10 at 21:11















1














Linux dropped routing cache for IPv4 (only) in kernel 3.6. That's described there for example: David Miller: routing cache is dead, now what ?. It relies now only on LPC-trie for performance. So as far as I understand there's no route garbage collection done for IPv4 on SLES12 which should be at least kernel 3.12 if not higher.



You could keep the command ip -ts monitor running and log its output for later analysis to find what's going on, especially around when the route disappeared. For example maybe some address also disappeared and reappeared, while leaving the route lost?






share|improve this answer


















  • 1





    But if several interfaces are using the same IP LAN on the same ethernet LAN expect trouble anyway: ARP flux etc unless you configure the system for this. Though this shouldn't make routes disappear in the routing table.

    – A.B
    Jun 7 at 21:59











  • Thanks for your response @A.B. I've been playing with "ip -ts monitor" and that may help me figure out what exactly is going on at the time, since there's no real indication of if/when this is going to happen. Could you explain more about your second comment? The ARP table looks ok after the fact. Both routers have an entry in the ARP cache for their appropriate interfaces. I was trying to paste the ARP table but the response is too long. I guess I'm wondering what the issues might be? Thanks.

    – jetson23
    Jun 8 at 20:20






  • 1





    About "ARP flux" (that you could also search on internet):you have to check on the peer systems (including routers) that each (of you system) interface's IP has its own ARP entry with its MAC. Usually a single card's MAC is present for all IPs, thus forcing all incoming traffic through a single card. Sometimes you even have to disable rp_filter because of this.That's not a problem unless you rely on bandwidth or redondancy. Of course there are settings to make it behave as intended but it's not trivial (and there are questions on SF or UL SE about it, and two categories of answers for the fix)

    – A.B
    Jun 9 at 11:00












  • Thanks @A.B. I did some reading on ARP flux, and as it turns out, according to the sources I read, we had already set up our sysctl parameters to prevent this issue(arp_announce = 2 and arp_ignore = 1). So I don't think that's what's getting us. Going back to "ip -ts monitor", from the output I see that routes on our system become "STALE", and then are "PROBE"d and set to "REACHABLE", which I'm assuming means they responded to the probe. Would a route be removed if the router didn't respond? What happens if there's heavy traffic and the response packet happens to get dropped?

    – jetson23
    Jun 10 at 19:48











  • run instead: ip -ts monitor link , ip -ts monitor address , ip -ts monitor route. stale reachable etc is about ARP (with ip neighbour) and thus not about routes.

    – A.B
    Jun 10 at 21:11













1












1








1







Linux dropped routing cache for IPv4 (only) in kernel 3.6. That's described there for example: David Miller: routing cache is dead, now what ?. It relies now only on LPC-trie for performance. So as far as I understand there's no route garbage collection done for IPv4 on SLES12 which should be at least kernel 3.12 if not higher.



You could keep the command ip -ts monitor running and log its output for later analysis to find what's going on, especially around when the route disappeared. For example maybe some address also disappeared and reappeared, while leaving the route lost?






share|improve this answer













Linux dropped routing cache for IPv4 (only) in kernel 3.6. That's described there for example: David Miller: routing cache is dead, now what ?. It relies now only on LPC-trie for performance. So as far as I understand there's no route garbage collection done for IPv4 on SLES12 which should be at least kernel 3.12 if not higher.



You could keep the command ip -ts monitor running and log its output for later analysis to find what's going on, especially around when the route disappeared. For example maybe some address also disappeared and reappeared, while leaving the route lost?







share|improve this answer












share|improve this answer



share|improve this answer










answered Jun 7 at 21:45









A.BA.B

2,2092 gold badges8 silver badges17 bronze badges




2,2092 gold badges8 silver badges17 bronze badges







  • 1





    But if several interfaces are using the same IP LAN on the same ethernet LAN expect trouble anyway: ARP flux etc unless you configure the system for this. Though this shouldn't make routes disappear in the routing table.

    – A.B
    Jun 7 at 21:59











  • Thanks for your response @A.B. I've been playing with "ip -ts monitor" and that may help me figure out what exactly is going on at the time, since there's no real indication of if/when this is going to happen. Could you explain more about your second comment? The ARP table looks ok after the fact. Both routers have an entry in the ARP cache for their appropriate interfaces. I was trying to paste the ARP table but the response is too long. I guess I'm wondering what the issues might be? Thanks.

    – jetson23
    Jun 8 at 20:20






  • 1





    About "ARP flux" (that you could also search on internet):you have to check on the peer systems (including routers) that each (of you system) interface's IP has its own ARP entry with its MAC. Usually a single card's MAC is present for all IPs, thus forcing all incoming traffic through a single card. Sometimes you even have to disable rp_filter because of this.That's not a problem unless you rely on bandwidth or redondancy. Of course there are settings to make it behave as intended but it's not trivial (and there are questions on SF or UL SE about it, and two categories of answers for the fix)

    – A.B
    Jun 9 at 11:00












  • Thanks @A.B. I did some reading on ARP flux, and as it turns out, according to the sources I read, we had already set up our sysctl parameters to prevent this issue(arp_announce = 2 and arp_ignore = 1). So I don't think that's what's getting us. Going back to "ip -ts monitor", from the output I see that routes on our system become "STALE", and then are "PROBE"d and set to "REACHABLE", which I'm assuming means they responded to the probe. Would a route be removed if the router didn't respond? What happens if there's heavy traffic and the response packet happens to get dropped?

    – jetson23
    Jun 10 at 19:48











  • run instead: ip -ts monitor link , ip -ts monitor address , ip -ts monitor route. stale reachable etc is about ARP (with ip neighbour) and thus not about routes.

    – A.B
    Jun 10 at 21:11












  • 1





    But if several interfaces are using the same IP LAN on the same ethernet LAN expect trouble anyway: ARP flux etc unless you configure the system for this. Though this shouldn't make routes disappear in the routing table.

    – A.B
    Jun 7 at 21:59











  • Thanks for your response @A.B. I've been playing with "ip -ts monitor" and that may help me figure out what exactly is going on at the time, since there's no real indication of if/when this is going to happen. Could you explain more about your second comment? The ARP table looks ok after the fact. Both routers have an entry in the ARP cache for their appropriate interfaces. I was trying to paste the ARP table but the response is too long. I guess I'm wondering what the issues might be? Thanks.

    – jetson23
    Jun 8 at 20:20






  • 1





    About "ARP flux" (that you could also search on internet):you have to check on the peer systems (including routers) that each (of you system) interface's IP has its own ARP entry with its MAC. Usually a single card's MAC is present for all IPs, thus forcing all incoming traffic through a single card. Sometimes you even have to disable rp_filter because of this.That's not a problem unless you rely on bandwidth or redondancy. Of course there are settings to make it behave as intended but it's not trivial (and there are questions on SF or UL SE about it, and two categories of answers for the fix)

    – A.B
    Jun 9 at 11:00












  • Thanks @A.B. I did some reading on ARP flux, and as it turns out, according to the sources I read, we had already set up our sysctl parameters to prevent this issue(arp_announce = 2 and arp_ignore = 1). So I don't think that's what's getting us. Going back to "ip -ts monitor", from the output I see that routes on our system become "STALE", and then are "PROBE"d and set to "REACHABLE", which I'm assuming means they responded to the probe. Would a route be removed if the router didn't respond? What happens if there's heavy traffic and the response packet happens to get dropped?

    – jetson23
    Jun 10 at 19:48











  • run instead: ip -ts monitor link , ip -ts monitor address , ip -ts monitor route. stale reachable etc is about ARP (with ip neighbour) and thus not about routes.

    – A.B
    Jun 10 at 21:11







1




1





But if several interfaces are using the same IP LAN on the same ethernet LAN expect trouble anyway: ARP flux etc unless you configure the system for this. Though this shouldn't make routes disappear in the routing table.

– A.B
Jun 7 at 21:59





But if several interfaces are using the same IP LAN on the same ethernet LAN expect trouble anyway: ARP flux etc unless you configure the system for this. Though this shouldn't make routes disappear in the routing table.

– A.B
Jun 7 at 21:59













Thanks for your response @A.B. I've been playing with "ip -ts monitor" and that may help me figure out what exactly is going on at the time, since there's no real indication of if/when this is going to happen. Could you explain more about your second comment? The ARP table looks ok after the fact. Both routers have an entry in the ARP cache for their appropriate interfaces. I was trying to paste the ARP table but the response is too long. I guess I'm wondering what the issues might be? Thanks.

– jetson23
Jun 8 at 20:20





Thanks for your response @A.B. I've been playing with "ip -ts monitor" and that may help me figure out what exactly is going on at the time, since there's no real indication of if/when this is going to happen. Could you explain more about your second comment? The ARP table looks ok after the fact. Both routers have an entry in the ARP cache for their appropriate interfaces. I was trying to paste the ARP table but the response is too long. I guess I'm wondering what the issues might be? Thanks.

– jetson23
Jun 8 at 20:20




1




1





About "ARP flux" (that you could also search on internet):you have to check on the peer systems (including routers) that each (of you system) interface's IP has its own ARP entry with its MAC. Usually a single card's MAC is present for all IPs, thus forcing all incoming traffic through a single card. Sometimes you even have to disable rp_filter because of this.That's not a problem unless you rely on bandwidth or redondancy. Of course there are settings to make it behave as intended but it's not trivial (and there are questions on SF or UL SE about it, and two categories of answers for the fix)

– A.B
Jun 9 at 11:00






About "ARP flux" (that you could also search on internet):you have to check on the peer systems (including routers) that each (of you system) interface's IP has its own ARP entry with its MAC. Usually a single card's MAC is present for all IPs, thus forcing all incoming traffic through a single card. Sometimes you even have to disable rp_filter because of this.That's not a problem unless you rely on bandwidth or redondancy. Of course there are settings to make it behave as intended but it's not trivial (and there are questions on SF or UL SE about it, and two categories of answers for the fix)

– A.B
Jun 9 at 11:00














Thanks @A.B. I did some reading on ARP flux, and as it turns out, according to the sources I read, we had already set up our sysctl parameters to prevent this issue(arp_announce = 2 and arp_ignore = 1). So I don't think that's what's getting us. Going back to "ip -ts monitor", from the output I see that routes on our system become "STALE", and then are "PROBE"d and set to "REACHABLE", which I'm assuming means they responded to the probe. Would a route be removed if the router didn't respond? What happens if there's heavy traffic and the response packet happens to get dropped?

– jetson23
Jun 10 at 19:48





Thanks @A.B. I did some reading on ARP flux, and as it turns out, according to the sources I read, we had already set up our sysctl parameters to prevent this issue(arp_announce = 2 and arp_ignore = 1). So I don't think that's what's getting us. Going back to "ip -ts monitor", from the output I see that routes on our system become "STALE", and then are "PROBE"d and set to "REACHABLE", which I'm assuming means they responded to the probe. Would a route be removed if the router didn't respond? What happens if there's heavy traffic and the response packet happens to get dropped?

– jetson23
Jun 10 at 19:48













run instead: ip -ts monitor link , ip -ts monitor address , ip -ts monitor route. stale reachable etc is about ARP (with ip neighbour) and thus not about routes.

– A.B
Jun 10 at 21:11





run instead: ip -ts monitor link , ip -ts monitor address , ip -ts monitor route. stale reachable etc is about ARP (with ip neighbour) and thus not about routes.

– A.B
Jun 10 at 21:11

















draft saved

draft discarded
















































Thanks for contributing an answer to Server Fault!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f970606%2frouter-disappearing-from-route-table-linux%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Wikipedia:Vital articles Мазмуну Biography - Өмүр баян Philosophy and psychology - Философия жана психология Religion - Дин Social sciences - Коомдук илимдер Language and literature - Тил жана адабият Science - Илим Technology - Технология Arts and recreation - Искусство жана эс алуу History and geography - Тарых жана география Навигация менюсу

Image
centralized watchlist Wikipedia:Vital articles Wikipedia дан Jump to navigation Jump to search This is a list of basic subjects for which Wikipedia should have a corresponding high-quality article, and ideally a featured article. It also serves as a centralized watchlist and tracks the status of some of Wikipedia's most essential articles. Ideally this page should list approximately 1,000 of the most vital Wikipedia articles. Мазмуну 1 Biography - Өмүр баян 1.1 Actors, dancers and models - Актёрлор, бийчилер жана моделдер 1.2 Artists and architects - Сүрөтчүлөр жана архитекторлор 1.3 Authors, playwrights and poets - Жазуучулар, драматургдар жана акындар 1.4 Composers and musicians - Композиторлор жана музыканттар 1.5 Explorers and travelers - Изилдөөчүлөр менен саякатчылар 1.6 Film directors and screenwriters - Режиссёрлор жана сценаристтер 1.7 Inventors, scientists and mathematicians - Ойлоп табуучулар, окумуштуулар жана математиктер
Read more

Bruxelas-Capital Índice Historia | Composición | Situación lingüística | Clima | Cidades irmandadas | Notas | Véxase tamén | Menú de navegacióneO uso das linguas en Bruxelas e a situación do neerlandés"Rexión de Bruxelas Capital"o orixinalSitio da rexiónPáxina de Bruselas no sitio da Oficina de Promoción Turística de Valonia e BruxelasMapa Interactivo da Rexión de Bruxelas-CapitaleeWorldCat332144929079854441105155190212ID28008674080552-90000 0001 0666 3698n94104302ID540940339365017018237

Image
AnderlechtCidade de BruxelasIxellesEtterbeekEvereGanshorenJetteKoekelbergAuderghemSchaerbeekBerchem-Sainte-AgatheSaint-GillesMolenbeek-Saint-JeanSaint-Josse-ten-NoodeWoluwe-Saint-LambertWoluwe-Saint-PierreUccleForestWatermaal-Bosvoorde Comunidade Francesa de Bélxica Comunidade Flamenga de Bélxica Comunidade Xermanófona de Bélxica Bruxelas-CapitalRexións de Bélxica francésneerlandésRexiónsBélxicacomunidade francesacomunidade flamengafrancófonaflamengaUnión EuropeaMagrebMarrocosTurquíaAméricaÁfricaRepública Democrática do CongoEuropa central18 de xuño1989FlandresRexión Valoaflamengaséculo XIXClasificación climática de Köppen Bruxelas-Capital Na Galipedia, a Wikipedia en galego. Saltar ata a navegación Saltar á procura Para outras páxinas con títulos homónimos véxase: Bruxelas . Région de Bruxelles-Capitale Brussels Hoofdstedelijk Gewest Bandeira Estado Bélxica Capital Cidade de Bruxelas  • Poboación n/d Lingua oficial As dúas Superficie  • Total 1
Read more

What should I write in an apology letter, since I have decided not to join a company after accepting an offer letterShould I keep looking after accepting a job offer?What should I do when I've been verbally told I would get an offer letter, but still haven't gotten one after 4 weeks?Do I accept an offer from a company that I am not likely to join?New job hasn't confirmed starting date and I want to give current employer as much notice as possibleHow should I address my manager in my resignation letter?HR delayed background verification, now jobless as resignedNo email communication after accepting a formal written offer. How should I phrase the call?What should I do if after receiving a verbal offer letter I am informed that my written job offer is put on hold due to some internal issues?Should I inform the current employer that I am about to resign within 1-2 weeks since I have signed the offer letter and waiting for visa?What company will do, if I send their offer letter to another company

Image
When is the original BFGS algorithm still better than the Limited-Memory version? How well known and how commonly used was Huffman coding in 1979? Inverse-quotes-quine Can the US president have someone sent to jail? Employer wants to use my work email account after I quit, is this legal under German law? Is this a GDPR waiver? Do French speakers not use the subjunctive informally? Low-gravity Bronze Age fortifications Does ultrasonic bath cleaning damage laboratory volumetric glassware calibration? Why do some games show lights shine through walls? Unusual mail headers, evidence of an attempted attack. Have I been pwned? Smooth Julia set for quadratic polynomials Require advice on power conservation for backpacking trip Dimensions of list used in test C-152 carb heat on before landing in hot weather? Is my Rep in Stack-Exchange Form? What happens when your group is victim of a surprise attack but you can't be surprised? How come I was asked by a CBP
Read more