[j-nsp] Failing ASM on M7i
Nitzan Tzelniker
nitzan.tzelniker at gmail.com
Sat Jun 4 08:48:38 EDT 2005
what is your junos ver ?
I have similar problem and upgrade to 7.2 solve it ( I hope...)
Nitzan
On 5/23/05, Pete Kruckenberg <pete at kruckenberg.com> wrote:
> Every week or so, the ASM on my M7i's (one or the other)
> will stop producing Cflow/Netflow data.
>
> When this happens:
>
> - "show services accounting flow" usually shows > 200,000
> (sometimes much greater) active flows (normal is 30-50k),
>
> - "show services accounting flow" usually does not show
> fluctuating Active flows, and Flows exported is not
> accumulating
>
> - "show services accounting errors" usually shows accumulating
> "Packets dropped (no memory)"
>
> I'm guessing this is due to some kind of packet-per-second
> DoS attack that exceeds the capacity of the ASM.
>
> These M7i's each terminate a GigE upstream link, which runs
> typically at 300-400Mb/s.
>
> Two questions:
>
> 1. What (if anything) can I do to prevent this from
> happening, so that (preferrably) I can still capture
> Cflow/Netflow information on the DoS traffic, or (at least)
> the ASM will still generate (some) Cflow/Netflow for
> whatever traffic it can.
>
> 2. What's the best way to (proactively) monitor for this
> happening, and what's the best way to restore Netflow
> traffic (I currently try various combinations of "restart
> adaptive-service", "restart sampling" and
> deactivate/activate the ASM interface, usually with little
> success).
>
> Thanks.
> Pete.
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list