[j-nsp] DDOS_PROTOCOL_VIOLATION_SET: Protocol Reject:aggregate
Sebastian Wiesinger
juniper-nsp at ml.karotte.org
Mon Dec 15 09:14:04 EST 2014
* Brendan Mannella <bmannella at teraswitch.com> [2014-12-10 23:18]:
> Just wondering if anyone has ever seen these DDOS messages before and
> what i should be looking at to resolve.
>
> Dec 10 11:10:24 re0.edge2 jddosd[2710]:
> DDOS_PROTOCOL_VIOLATION_CLEAR: Protocol Reject:aggregate has returned
> to normal. Violated at fpc 1 for 931 times, from 2014-12-10 11:05:23
> EST to 2014-12-10 11:05:23 EST
If you have firewall filters, try to change "reject" actions to
"discard". The router is flooded with packets for which he is
configured to send a TCP Reset or ICMP error message back.
Regards
Sebastian
--
GPG Key: 0x93A0B9CE (F4F6 B1A3 866B 26E9 450A 9D82 58A2 D94A 93A0 B9CE)
'Are you Death?' ... IT'S THE SCYTHE, ISN'T IT? PEOPLE ALWAYS NOTICE THE SCYTHE.
-- Terry Pratchett, The Fifth Elephant
More information about the juniper-nsp
mailing list