Bug#678519: general: after about 1 month of uptime, routing of IPv6 packets is no longer possible, and IPv4 routing becomes slow and unpredictable. Rebooting brings all functionality back, and back to speed. so far the best way for me to discover is to try a ping6, and reboot the firewall (this machine), when ping6 from the inner network fails.

To: Rudy Zijlstra <rudy@grumpydevil.homelinux.org>
Cc: 678519@bugs.debian.org
Subject: Bug#678519: general: after about 1 month of uptime, routing of IPv6 packets is no longer possible, and IPv4 routing becomes slow and unpredictable. Rebooting brings all functionality back, and back to speed. so far the best way for me to discover is to try a ping6, and reboot the firewall (this machine), when ping6 from the inner network fails.
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Sat, 23 Jun 2012 09:53:11 -0300
Message-id: <[🔎] 20120623125311.GA18869@khazad-dum.debian.net>
Reply-to: Henrique de Moraes Holschuh <hmh@debian.org>, 678519@bugs.debian.org
In-reply-to: <[🔎] 4FE58BA3.2010001@grumpydevil.homelinux.org>
References: <[🔎] 20120622115937.1905.22529.reportbug@janus.office.romunt.nl> <[🔎] 20120622193831.GD32380@khazad-dum.debian.net> <[🔎] 4FE58BA3.2010001@grumpydevil.homelinux.org>

On Sat, 23 Jun 2012, Rudy Zijlstra wrote:
> On 22-06-12 21:38, Henrique de Moraes Holschuh wrote:
> >On Fri, 22 Jun 2012, Rudy Zijlstra wrote:
> >>let system run with IPv4&  IPv6 routing for about 1 month
> >>>IPv6 routing will start to fail
> >>>IPv4 routing becomes slow and unpredictable
> >>no obvious causes visible in the system. top and friends do not show a cpu hog
> >>
> >>a reboot will bring the system back to normal behaviour.
> >Please use (as root) "ip neigh show", and "ip route list cache" to try to
> >track down any weird differences between the box when it is behaving
> >normally, and the box when wedged.  You may want to compare it to a healthy
> >box on the same network segment.
> >
> >You can also try to see if "ip route flush cache" and "ip neigh flush" can
> >unwedge the system.  After a flush, "ip neigh show" and "ip route list
> >cache" should return very few, if any, entries.
> >
> Thanks, i've stored the current output of these commands, including
> the IPv6 version, so i can compare when trouble hits again in some
> weeks.

You probably want to store their output once a day.  If it is a
neighbour/route cache leak or malfunction of some sort (e.g. routes getting
stuck in the presence of ICMP redirects), you should be able to notice that
old crap is accumulating over time.

If possible, do the same in a box that does not show the same problem
(ideally in the same network segment), so that you have a baseline to
compare to.

Note that it could be something else entirely, don't rule out hardware
malfunction (sometimes cleared if you down the interfaces and then bring
them up again), or driver issues (sometimes cleared if you rmmod + modprobe
the buggy driver).  And make sure the box is running the latest firmware
(BIOS/UEFI, NIC firmware...).

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to:

Follow-Ups:
- Bug#678519: general: after about 1 month of uptime, routing of IPv6 packets is no longer possible, and IPv4 routing becomes slow and unpredictable. Rebooting brings all functionality back, and back to speed. so far the best way for me to discover is to try a ping6, and reboot the firewall (this machine), when ping6 from the inner network fails.
  - From: Rudy Zijlstra <rudy@grumpydevil.homelinux.org>

References: