[j-nsp] DDOS_PROTOCOL_VIOLATION_SET: Protocol Reject:aggregate
Chris Morrow
morrowc at ops-netman.net
Wed Dec 10 22:20:28 EST 2014
On 12/10/2014 09:54 PM, Wojciech Janiszewski wrote:
> Hi,
>
> Make sure that you have a "discard" next-hop instead of default "reject" in
> your aggregate routes.
> That should help.
ick, that ddos protection stuff in JunOS is broken...you should just
disable it:
system {
ddos-protection {
global {
disable-routing-engine;
disable-fpc;
disable-logging;
}
}
}
> 2014-12-10 23:16 GMT+01:00 Brendan Mannella <bmannella at teraswitch.com>:
>
>> Just wondering if anyone has ever seen these DDOS messages before and
>> what i should be looking at to resolve.
>>
>> Dec 10 11:10:24 re0.edge2 jddosd[2710]:
>> DDOS_PROTOCOL_VIOLATION_CLEAR: Protocol Reject:aggregate has returned
>> to normal. Violated at fpc 1 for 931 times, from 2014-12-10 11:05:23
>> EST to 2014-12-10 11:05:23 EST
>>
>> Dec 10 11:23:44 re0.edge2 jddosd[2710]: DDOS_PROTOCOL_VIOLATION_SET:
>> Protocol Reject:aggregate is violated at fpc 1 for 932 times, started
>> at 2014-12-10 11:23:43 EST
>>
>> Dec 10 11:28:49 re0.edge2 jddosd[2710]:
>> DDOS_PROTOCOL_VIOLATION_CLEAR: Protocol Reject:aggregate has returned
>> to normal. Violated at fpc 1 for 932 times, from 2014-12-10 11:23:43
>> EST to 2014-12-10 11:23:43 EST
>>
>> Dec 10 12:50:55 re0.edge2 xntpd[2681]: kernel time sync enabled 6001
>>
>> Dec 10 13:08:00 re0.edge2 xntpd[2681]: kernel time sync enabled 2001
>>
>> Dec 10 15:01:34 re0.edge2 jddosd[2710]: DDOS_PROTOCOL_VIOLATION_SET:
>> Protocol Reject:aggregate is violated at fpc 1 for 933 times, started
>> at 2014-12-10 15:01:33 EST
>>
>> Dec 10 15:06:34 re0.edge2 jddosd[2710]:
>> DDOS_PROTOCOL_VIOLATION_CLEAR: Protocol Reject:aggregate has returned
>> to normal. Violated at fpc 1 for 933 times, from 2014-12-10 15:01:33
>> EST to 2014-12-10 15:01:33 EST
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list