What it is going on. Server with RouterOS v6.27 every four day it have message in the log “ARP table overflow, please consider increasing max-arp-entries” when it happen CPU was load 100% I look in arp table but see there only 500 mac address, after disable WAN port CPU load 2% and messages “ARP table overflow” in the log does not appear.
if you have large subnet attached to LAN interface than a scan for IPs in the range can cause large amount of ARP entries in ARP table. Most of them will be unresolved ones and ROS doesn’t show them …
No I doesn’t have large subnet attached to LAN interface, only 500 - 600 users and other servers serve 500 - 600 users but doesn’t have such problem. Problem have only two servers which connect with same ISP. My ISP gave me subnet /27. On the wan port I see in arp table only mac-address gateway. Have any idea?
and what size of subnets(s) do you have directly connected to non-WAN interfaces?
IMHO it is possible that MT uses 512 limit on ARP table…
It looks like someone other had the same problem already:
http://forum.mikrotik.com/t/undocumented-commands/83773/1
Thanks dada for the link to this topic but I had read this topic already.
ip settings print
ip-forward: yes
send-redirects: yes
accept-source-route: no
accept-redirects: no
secure-redirects: yes
rp-filter: no
tcp-syncookies: no
max-arp-entries: 8192
arp-timeout: 30s
icmp-rate-limit: 10
icmp-rate-mask: 0x1818
allow-fast-path: yes
As you can see max-arp-entries 8192
Server has two interface
ether1 I use it as WAN interface and has ip subnet with /24 mask
ether2 I add 7 VLAN intarfaces
every VLAN has ip subnet with /24 mask
I think you have to create a supot.rif file and ask MT support for a solution…
CASE : ARP table overflow, please consider increasing max-arp-entries
resolve : /ip settings set max-arp-entries=16384
(16384 = 16Mx1024)
In my case it was The Dude what made this problem to show. Increasing the max ARP entries to 16384 solved the problem.