[j-nsp] DA rejects

randy.taylor at bell.ca randy.taylor at bell.ca
Sun Dec 18 17:57:17 EST 2011


Yes I think that is the problem with cdp since it is an unknown multicast address that the router will see. 


--------------------------
Sent using BlackBerry


----- Original Message -----
From: Richard A Steenbergen <ras at e-gerbil.net>
To: Taylor, Randy (3014372)
Cc: Paul Stewart <paul at paulstewart.org>; juniper-nsp at puck.nether.net <juniper-nsp at puck.nether.net>
Sent: Sun Dec 18 16:23:49 2011
Subject: Re: [j-nsp] DA rejects

On Thu, Dec 15, 2011 at 02:11:18PM -0500, randy.taylor at bell.ca wrote:
> I have seen this before facing Cisco device running CDP.  Maybe you 
> have something that is running on your box that it does not 
> understand.

DA Rejects are when your router receive receives a packet that is 
destined for a MAC address that "isn't it"... This is normal/expected 
behavior in small doses, since even on a switched network the unknown 
unicast flooding stage of MAC learning will result in a few packets 
being sent to ports that weren't actually the correct destinations. If 
the router was an ordinary host these would be the type of packets you 
would need to turn on "promiscuous mode" to see.

This is not to be confused with L3 Incompletes, which is what you're 
probably thinking about re: CDP. This simply means a packet without a L3 
header that the router doesn't know what to do with (since the Juniper 
device doesn't speak CDP), and thus discards.

-- 
Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)



More information about the juniper-nsp mailing list