[j-nsp] DDOS_PROTOCOL_VIOLATION_SET: Protocol Reject:aggregate
Wojciech Janiszewski
wojciech.janiszewski at gmail.com
Wed Dec 10 21:54:45 EST 2014
Hi,
Make sure that you have a "discard" next-hop instead of default "reject" in
your aggregate routes.
That should help.
Regards,
Wojciech
2014-12-10 23:16 GMT+01:00 Brendan Mannella <bmannella at teraswitch.com>:
> Just wondering if anyone has ever seen these DDOS messages before and
> what i should be looking at to resolve.
>
> Dec 10 11:10:24 re0.edge2 jddosd[2710]:
> DDOS_PROTOCOL_VIOLATION_CLEAR: Protocol Reject:aggregate has returned
> to normal. Violated at fpc 1 for 931 times, from 2014-12-10 11:05:23
> EST to 2014-12-10 11:05:23 EST
>
> Dec 10 11:23:44 re0.edge2 jddosd[2710]: DDOS_PROTOCOL_VIOLATION_SET:
> Protocol Reject:aggregate is violated at fpc 1 for 932 times, started
> at 2014-12-10 11:23:43 EST
>
> Dec 10 11:28:49 re0.edge2 jddosd[2710]:
> DDOS_PROTOCOL_VIOLATION_CLEAR: Protocol Reject:aggregate has returned
> to normal. Violated at fpc 1 for 932 times, from 2014-12-10 11:23:43
> EST to 2014-12-10 11:23:43 EST
>
> Dec 10 12:50:55 re0.edge2 xntpd[2681]: kernel time sync enabled 6001
>
> Dec 10 13:08:00 re0.edge2 xntpd[2681]: kernel time sync enabled 2001
>
> Dec 10 15:01:34 re0.edge2 jddosd[2710]: DDOS_PROTOCOL_VIOLATION_SET:
> Protocol Reject:aggregate is violated at fpc 1 for 933 times, started
> at 2014-12-10 15:01:33 EST
>
> Dec 10 15:06:34 re0.edge2 jddosd[2710]:
> DDOS_PROTOCOL_VIOLATION_CLEAR: Protocol Reject:aggregate has returned
> to normal. Violated at fpc 1 for 933 times, from 2014-12-10 15:01:33
> EST to 2014-12-10 15:01:33 EST
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list