[j-nsp] Multicast/Broadcast Packets going to EX CPU

Keegan Holley no.spam at comcast.net
Wed Mar 5 12:32:28 EST 2014


I agree.  It’s more likely that you had an increase in packets that the switch would process normally than the switch getting bored and suddenly deciding to read packets off the wire.  If there is an IP interface on the network that the broadcast/multicast packets traverse, the switch must read them just like every other IP enabled host.  This will even happen for tagged frames if there is a VLAN interface that matches the tag.

On Mar 5, 2014, at 6:52 AM, Chris Evans <chrisccnpspam2 at gmail.com> wrote:

> low TTL on the multicast frames will cause this..
> Also the multicast destination addresses will do this too if they're in
> 224.0.0.0/24
> 
> 
> On Wed, Mar 5, 2014 at 8:49 AM, Sebastian Wiesinger <
> juniper-nsp at ml.karotte.org> wrote:
> 
>> Hello,
>> 
>> I'm currently looking at an EX4500 setup that had a few problems
>> related to multicast/broadcast packets going to the CPU (and sometimes
>> preventing required packets like LACP reaching the CPU) of the switch.
>> I assume this was because the queue between PFE and CPU was full (is
>> there a way to check?).
>> 
>> I noticed that multicast and broadcast packets in all VLANs are sent
>> to the CPU. My question is why? IGMP snooping and VSTP is not enabled
>> on the switch and apart from that I don't see an apparent reason why
>> it should do this for tagged frames.
>> 
>> Example of packets being sent to the CPU includes VRRP packets from
>> attached routers (DMAC 01:00:5e:00:00:12) and BOOTP/DHCP (DMAC
>> ff:ff:ff:ff:ff:ff) packets.
>> 
>> Would an lo0 firewall filter help? Is this applied before or after the
>> packets are sent over the PFE-CPU link?
>> 
>> Perhaps you could share your ideas on how this could be prevented and
>> what you're doing to protect the CPU on these EX boxes.
>> 
>> Regards
>> 
>> Seastian
>> 
>> --
>> GPG Key: 0x93A0B9CE (F4F6 B1A3 866B 26E9 450A  9D82 58A2 D94A 93A0 B9CE)
>> 'Are you Death?' ... IT'S THE SCYTHE, ISN'T IT? PEOPLE ALWAYS NOTICE THE
>> SCYTHE.
>>            -- Terry Pratchett, The Fifth Elephant
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp




More information about the juniper-nsp mailing list