[j-nsp] rpd DDoS?
Georg Bachler
gbachler at juniper.net
Fri Sep 1 03:42:17 EDT 2006
Hi Joerg,
how does the output from
"show pfe statistics traffic | match drops "
looks like?
//Georg
Friday, September 1, 2006, 9:35:54 AM, you wrote:
JSTN> Leigh Porter wrote:
>> Hi,
>>
>> Like he said, it didn't crash ;-)
>>
>> Joerg, do you have a firewall policy to protect your routing engine? If
>> so, I would have thought that this would have suitable protected the
>> routing engine if there were a DoS attack.
>>
JSTN> I have a really paranoid firewall filter to protect the RE. It only
JSTN> allows BGP from my direct neighbors, icmp is via policer etc. etc.
JSTN> So i doubt that it was a normal DDoS Attack.
JSTN> Meanwhile i heard that other members from the INXS expirienced high CPU
JSTN> usage on their C routers also and lost some BGP Sessions.
JSTN> -Joerg
JSTN> _______________________________________________
JSTN> juniper-nsp mailing list juniper-nsp at puck.nether.net
JSTN> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list