[j-nsp] Multicast/Broadcast Packets going to EX CPU

Keegan Holley no.spam at comcast.net
Tue Mar 11 13:16:52 EDT 2014


This is normal unless the firewall filters don’t work. mDNS/Bonjour is sent to 224.0.0.251, which is in the link-local range and is at least read off the wire by everything with an IP stack. 100pps would equate to about 64kbps worst case. Still, it’s best practice to have a FF on every box to prevent things like this. I doubt this is a bug though.

Keegan

On Mar 10, 2014, at 5:12 PM, Clarke Morledge <chmorl at wm.edu> wrote:

> ------------------------------
> Sebastian,
> 
> We are using a combination of storm-control and firewall filters, just to throttle the multicast back. Nothing special. Since we are not officially supporting multicast applications, this has not really hurt us yet.
> 
> Clarke
> 
> ====================================================
> * Clarke Morledge <chmorl at wm.edu> [2014-03-06 16:42]:
>> Sebastian,
>> 
>> No, you are not alone on this issue.
>> 
>> For a little more context, I have seen the same type of behavior
>> associated with Apple Bonjour traffic related to
>> Multicast DNS reported on this thread in November, 2013:
>> 
>> http://www.gossamer-threads.com/lists/nsp/juniper/48269?do=post_view_flat#48269
>> 
>> Currently, we are implementing ways of limiting multicast.  I am
>> aware that this is more of a "bandaid" approach, but I have never
>> heard a completely satisfactory explanation or solution for this
>> behavior on the EX platform.
> 
> Thank you for your reply,
> 
> can you share a bit more about what countermeasures you are
> implementing? storm-control? firewall filters?
> 
>> If anyone comes up with some good answers, please inform the list.
> 
> +1
> 
> Regards
> 
> Sebastian
> 