[j-nsp] Identifying pfe icmp throttled traffic
Richard A Steenbergen
ras at e-gerbil.net
Sun Mar 8 18:22:59 EDT 2009
On Sun, Mar 08, 2009 at 02:49:18PM -0700, Nilesh Khambal wrote:
> Richard,
>
> You can try "debug icmp error" from pfe. However, depending on load
> this might fill up the syslog buffer really fast. Messages are also
> throttled at 10 pps. You can disable the message generation using
> "undebug icmp error". Before enabling debug run command "show icmp
> statistics" from each dpc/pfe to find out which fpc is generating
> those error stats and then run debug on that fpc.
Nothing shows up under "debug icmp error", but "debug icmp all" works.
Of course its extremely time consuming to try and figure out which fpc
has incrementing throttles (since there is no clear command, and no way
to do this from regular cli) then parse the output without benefit of |
match, but its better than nothing. Thanks.
While I'm on the subject, is there any way to see and/or modify the
throttle rate? I know the default changed for some FPC types in some
recent version of JUNOS, but I don't remember the exact details.
--
Richard A Steenbergen <ras at e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
More information about the juniper-nsp
mailing list