Nmap Development mailing list archives

Re: nmap: [REGRESSION 5.00-3 -> 6.00-0.3] -sP fails with "nexthost: failed to determine route to X.X.X.X"


From: David Fifield <david () bamsoftware com>
Date: Wed, 31 Jul 2013 18:31:21 -0700

On Wed, Jul 31, 2013 at 08:16:56PM -0500, Daniel Miller wrote:
> I tracked this down a while back, but I don't remember what happened to my
> report. Essentially, you've run up against a limit in the Linux kernel that
> can be tuned. The setting mentioned,
> "/proc/sys/net/ipv4/neigh/default/gc_thresh3", is the max number of arp cache
> entries. If your network has more than the default 1024 addresses, then this
> table can fill up. It won't in most cases, even if you set it to a lower
> number, since most networks are sparsely populated.
>
> It's not a bug in Nmap, because I can produce the same issue with:
>
>     sudo ifconfig eth0:0 10.10.0.0 netmask 255.255.0.0
>     for i in {1..255}; do for j in {1..254}; do ping -c 1 10.10.$i.$j & done; done

But why does 5.52.IPv6.Beta1 not exhibit the problem and 5.52.IPv6.Beta2
does? In the original report it was something new that an ARP scan would
fill up the ARP cache.

David Fifield
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
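
The limit discussed in this message can be checked before a host-discovery sweep of a directly connected prefix. The script below is an added example, not code from the thread or from Nmap; the function names (`hosts_in_prefix`, `count_neigh`, `scan_verdict`, `sample_neigh`) are hypothetical, the neighbour-table sample is constructed, and it assumes each probed on-link address occupies one neighbour entry.

```shell
#!/bin/sh
# Added example (not from the thread): estimate whether sweeping a directly
# connected IPv4 prefix can exceed the neighbour-table limit gc_thresh3.
# Assumption: each probed on-link address takes one neighbour entry.

GC_THRESH3=/proc/sys/net/ipv4/neigh/default/gc_thresh3  # path quoted in the thread

# Usable host addresses in a prefix of length $1.
hosts_in_prefix() {
    if [ "$1" -ge 31 ]; then
        echo $(( 1 << (32 - $1) ))
    else
        echo $(( (1 << (32 - $1)) - 2 ))   # minus network and broadcast
    fi
}

# Count neighbour entries in `ip -4 neigh show` output read from stdin.
# FAILED and INCOMPLETE entries still occupy a slot, so every line counts.
count_neigh() {
    grep -c . || true
}

# scan_verdict CURRENT PREFIXLEN LIMIT -> "ok ..." or "overflow-risk ..."
scan_verdict() {
    needed=$(( $1 + $(hosts_in_prefix "$2") ))
    if [ "$needed" -gt "$3" ]; then
        echo "overflow-risk needed=$needed limit=$3"
    else
        echo "ok needed=$needed limit=$3"
    fi
}

# Constructed sample of `ip -4 neigh show` output, used when `ip` is unavailable.
sample_neigh() {
    cat <<'EOF'
10.10.0.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
10.10.0.7 dev eth0  FAILED
10.10.0.9 dev eth0  INCOMPLETE
EOF
}

# Usage: sh check.sh PREFIXLEN   (e.g. 16 for the 10.10.0.0/16 alias in the thread)
if [ "$#" -ge 1 ]; then
    limit=$(cat "$GC_THRESH3" 2>/dev/null || echo 1024)  # 1024: default cited in the thread
    current=$( (ip -4 neigh show 2>/dev/null || sample_neigh) | count_neigh)
    scan_verdict "$current" "$1" "$limit"
fi
```

An `overflow-risk` verdict means the sweep can need more entries than the limit allows, which is the condition under which the thread's "failed to determine route" error was reproduced; the limit is the tunable value in the `gc_thresh3` file.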

