Internal Use - Confidential -----Original Message----- From: Eric Dumazet +ADw-edumazet+AEA-google.com+AD4- Sent: Tuesday, April 16, 2024 6:02 PM To: Zheng Li +ADw-lizheng043+AEA-gmail.com+AD4- Cc: netdev+AEA-vger.kernel.org+ADs- bpf+AEA-vger.kernel.org+ADs- davem+AEA-davemloft.net+ADs- jmorris+AEA-namei.org+ADs- pabeni+AEA-redhat.com+ADs- kuba+AEA-kernel.org+ADs- Li, James Zheng +ADw-James.Z.Li+AEA-Dell.com+AD4- Subject: Re: +AFs-PATCH+AF0- neighbour: guarantee the localhost connections be established successfully even the ARP table is full +AFs-EXTERNAL EMAIL+AF0- On Tue, Apr 16, 2024 at 11:54+IC8-AM Zheng Li +ADw-lizheng043+AEA-gmail.com+AD4- wrote: +AD4- +AD4- From: Zheng Li +ADw-James.Z.Li+AEA-Dell.com+AD4- +AD4- +AD4- Inter-process communication on localhost should be established +AD4- successfully even the ARP table is full, many processes on server +AD4- machine use the localhost to communicate such as command-line +AD4- interface (CLI), servers hope all CLI commands can be executed +AD4- successfully even the arp table is full. Right now CLI commands got +AD4- timeout when the arp table is full. Set the parameter of +AD4- exempt+AF8-from+AF8-gc to be true for LOOPBACK net device to keep localhost neigh in arp table, not removed by gc. +AD4- +AD4- the steps of reproduced: +AD4- server with +ACI-gc+AF8-thresh3 +AD0- 1024+ACI- setting, ping server from more than +AD4- 1024 same netmask Lan IPv4 addresses, run +ACI-ssh localhost+ACI- on console +AD4- interface, then the command will get timeout. +AD4- +AD4- Signed-off-by: Zheng Li +ADw-James.Z.Li+AEA-Dell.com+AD4- +AD4- --- +AD4- net/core/neighbour.c +AHw- 4 +-+-+-- +AD4- 1 file changed, 3 insertions(+-), 1 deletion(-) +AD4- +AD4- diff --git a/net/core/neighbour.c b/net/core/neighbour.c index +AD4- 552719c3bbc3..47d07b122f7a 100644 +AD4- --- a/net/core/neighbour.c +AD4- +-+-+- b/net/core/neighbour.c +AD4- +AEAAQA- -734,7 +-734,9 +AEAAQA- +AF8AXwBf-neigh+AF8-create(struct neigh+AF8-table +ACo-tbl, const +AD4- void +ACo-pkey, struct neighbour +ACoAXwBf-neigh+AF8-create(struct neigh+AF8-table +ACo-tbl, const void +ACo-pkey, +AD4- struct net+AF8-device +ACo-dev, bool +AD4- want+AF8-ref) +AHs- +AD4- - return +AF8AXwBf-neigh+AF8-create(tbl, pkey, dev, 0, false, want+AF8-ref)+ADs- +AD4- +- bool exempt+AF8-from+AF8-gc +AD0- +ACEAIQ-(dev-+AD4-flags +ACY- IFF+AF8-LOOPBACK)+ADs- +AD4- +- +AD4- +- return +AF8AXwBf-neigh+AF8-create(tbl, pkey, dev, 0, exempt+AF8-from+AF8-gc, +AD4- +- want+AF8-ref)+ADs- +AD4- +AH0- +AD4- EXPORT+AF8-SYMBOL(+AF8AXw-neigh+AF8-create)+ADs- +AD4- +AD4- Hmmm... +AD4- Loopback IPv4 can hold 2+AF4-24 different addresses, that is 16384 +ACo- 1024 There is only one Loopback neigh +ACI-0.0.0.0 dev lo lladdr 00:00:00:00:00:00 NOARP+ACI- existing even you have configured 2+AF4-24 different addresses on the loopback device.
