Overview
Kerio Control is constantly sending the following ARP (Address Resolution Protocol) request: Who has <Kerio Control public IP address>? Tell <IP address>
This article shares the process of resolving this issue by modifying the default ARP settings in the internal configuration files of Kerio Control.
Root Cause
This loop generation problem occurs in large networks when there are more ARP requests than the (ISP) server can handle.
Process
Follow these steps:
- Access Kerio Control using SSH.
- Execute this command to make the system readable and writable:
mount -o rw,remount /
- Open the sysctl.conf file using the Nano editor with this command:
nano /etc/sysctl.conf
- Add the following lines and save the file:
net.ipv4.conf.eth0.arp_ignore = 1
net.ipv4.conf.eth0.arp_announce = 2 - Restart Kerio Control using this command:
/etc/boxinit.d/60winroute restart
- (Optional) If the Kerio Control ARP requests are still being generated, add the following lines to
/etc/sysctl.conf
:
sysctl -w net.ipv4.neigh.default.gc_thresh1=4096 sysctl -w net.ipv4.neigh.default.gc_thresh2=8192 sysctl -w net.ipv4.neigh.default.gc_thresh3=8192 sysctl -w net.ipv4.neigh.default.gc_stale_time=86400
Confirmation
ARP settings are modified and the storming/loop requests stop.