[j-nsp] SRX3600 Problem
Cahit Eyigünlü
cahit.eyigunlu at spd.net.tr
Tue Apr 21 12:22:59 EDT 2015
We are getting a spoofed ip syn attack. When attack starts and over 100K pps our SRX3600 was losting the connection. And we check the status of the device over the Serial connection. But we could not determine why it has been dropped the connection
Should somebody help us to over come this issue ?
root at srx3600.spd.net.tr> show security flow cp-session summary
Valid sessions: 141
Pending sessions: 621628
Invalidated sessions: 517864
Sessions in other states: 1
Total sessions: 1139634
Maximum sessions: 2359296
root at srx3600.spd.net.tr> show security monitoring fpc 12
FPC 12
PIC 0
CPU utilization : 44 %
Memory utilization : 67 %
Current flow session : 147286
Current flow session IPv4: 147286
Current flow session IPv6: 0
Max flow session : 524288
Current CP session : 1074031
Current CP session IPv4: 1074031
Current CP session IPv6: 0
Max CP session : 2359296
Total Session Creation Per Second (for last 96 seconds on average): 13
IPv4 Session Creation Per Second (for last 96 seconds on average): 13
IPv6 Session Creation Per Second (for last 96 seconds on average): 0
root at srx3600.spd.net.tr> show chassis routing-engine
Routing Engine status:
Slot 0:
Current state Master
Election priority Master (default)
DRAM 1023 MB
Memory utilization 44 percent
CPU utilization:
User 0 percent
Background 0 percent
Kernel 5 percent
Interrupt 0 percent
Idle 95 percent
Model RE-PPC-1200-A
Start time 2015-04-15 02:06:10 UTC
Uptime 4 days, 15 hours, 16 minutes, 29 seconds
Last reboot reason Router rebooted after a normal shutdown.
Load averages: 1 minute 5 minute 15 minute
0.14 0.07 0.11
root at srx3600.spd.net.tr> show security monitoring performance spu
fpc 12 pic 0
Last 60 seconds:
0: 39 1: 45 2: 44 3: 40 4: 44 5: 40
6: 38 7: 46 8: 45 9: 39 10: 44 11: 39
12: 38 13: 45 14: 38 15: 45 16: 44 17: 39
18: 44 19: 39 20: 44 21: 40 22: 44 23: 39
24: 38 25: 45 26: 44 27: 40 28: 44 29: 40
30: 45 31: 40 32: 45 33: 41 34: 45 35: 39
36: 45 37: 39 38: 45 39: 39 40: 44 41: 39
42: 44 43: 39 44: 44 45: 39 46: 46 47: 39
48: 45 49: 39 50: 44 51: 39 52: 45 53: 39
54: 44 55: 39 56: 44 57: 39 58: 44 59: 39
root at srx3600.spd.net.tr> show security monitoring performance session
fpc 12 pic 0
Last 60 seconds:
0: 127861 1: 146887 2: 130877 3: 147286 4: 134179 5: 145303
6: 133196 7: 144339 8: 132233 9: 143981 10: 130861 11: 143042
12: 131280 13: 142719 14: 130623 15: 142493 16: 132094 17: 143124
18: 132726 19: 143938 20: 133022 21: 143349 22: 133100 23: 143469
24: 134321 25: 143694 26: 137340 27: 145672 28: 141399 29: 145458
30: 145697 31: 146920 32: 144260 33: 145259 34: 141360 35: 142157
36: 137389 37: 140399 38: 136483 39: 139640 40: 136597 41: 139363
42: 139707 43: 143110 44: 140994 45: 143038 46: 139781 47: 141751
48: 136746 49: 139456 50: 137395 51: 139898 52: 137503 53: 140300
54: 136762 55: 139315 56: 136245 57: 138951 58: 136685 59: 139288
root at srx3600.spd.net.tr> show chassis hardware
Hardware inventory:
Item Version Part number Serial number Description
Chassis xxxxxxxxxxxx SRX 3600
Midplane REV 07 710-020310 xxxxxxxxxxxx SRX 3600 Midplane
PEM 0 rev 08 740-027644 xxxxxxxxxxxx AC Power Supply
PEM 1 rev 08 740-027644 xxxxxxxxxxxx AC Power Supply
CB 0 REV 14 750-021914 xxxxxxxxxxxx SRX3k RE-12-10
Routing Engine BUILTIN BUILTIN Routing Engine
CPP BUILTIN BUILTIN Central PFE Processor
Mezz REV 08 710-021035 xxxxxxxxxxxx SRX HD Mezzanine Card
FPC 0 REV 16 750-021882 xxxxxxxxxxxx SRX3k SFB 12GE
PIC 0 BUILTIN BUILTIN 8x 1GE-TX 4x 1GE-SFP
FPC 1 REV 20 750-020321 xxxxxxxxxxxx SRX3k 2x10GE XFP
PIC 0 BUILTIN BUILTIN 2x 10GE-XFP
Xcvr 0 NON-JNPR xxxxxxxxxxxx XFP-10G-SR
Xcvr 1 NON-JNPR xxxxxxxxxxxx XFP-10G-SR
FPC 4 REV 14 750-020321 xxxxxxxxxxxx SRX3k 2x10GE XFP
PIC 0 BUILTIN BUILTIN 2x 10GE-XFP
Xcvr 0 NON-JNPR xxxxxxxxxxxx XFP-10G-SR
Xcvr 1 NON-JNPR xxxxxxxxxxxx XFP-10G-SR
FPC 10 REV 19 750-017866 xxxxxxxxxxxx SRX3k NPC
PIC 0 BUILTIN BUILTIN NPC PIC
FPC 12 REV 13 750-016077 xxxxxxxxxxxx SRX3k SPC
PIC 0 BUILTIN BUILTIN SPU Cp-Flow
Fan Tray 0 REV 06 750-021599 xxxxxxxxxxxx SRX 3600 Fan Tray
srx3600.spd.net.tr Seconds: 7 Time: 17:23:00
Delay: 0/0/46
Interface: ge-0/0/1, Enabled, Link is Up
Encapsulation: Ethernet, Speed: 1000mbps
Traffic statistics: Current delta
Input bytes: 83679085589 (437323760 bps) [389746332]
Output bytes: 101886713 (0 bps) [60]
Input packets: 1359813079 (881694 pps) [6286191]
Output packets: 594841 (0 pps) [1]
Error statistics:
Input errors: 0 [0]
Input drops: 0 [0]
Input framing errors: 0 [0]
Policed discards: 0 [0]
L3 incompletes: 0 [0]
L2 channel errors: 0 [0]
L2 mismatch timeouts: 0 Carrier transiti [0]
Next='n', Quit='q' or ESC, Freeze='f', Thaw='t', Clear='c', Interface='i'
root at srx3600.spd.net.tr> show chassis routing-engine
Routing Engine status:
Slot 0:
Current state Master
Election priority Master (default)
DRAM 1023 MB
Memory utilization 44 percent
CPU utilization:
User 0 percent
Background 0 percent
Kernel 4 percent
Interrupt 0 percent
Idle 95 percent
Model RE-PPC-1200-A
Start time 2015-04-15 02:06:10 UTC
Uptime 4 days, 15 hours, 18 minutes, 19 seconds
Last reboot reason Router rebooted after a normal shutdown.
Load averages: 1 minute 5 minute 15 minute
0.04 0.06 0.10
?
________________________________
Bu e-posta kişiye özel olup, gizli bilgiler içeriyor olabilir. Eğer bu e-posta size yanlışlıkla ulaşmışsa, içeriğini hiç bir şekilde kullanmayınız ve ekli dosyaları açmayınız. Bu e-posta virüslere karşı anti-virüs sistemleri tarafından taranmıştır. Ancak SPDNET, bu e-postanın - virüs koruma sistemleri ile kontrol ediliyor olsa bile - virüs içermediğini garanti etmez ve meydana gelebilecek zararlardan doğacak hiçbir sorumluluğu kabul etmez.
More information about the juniper-nsp
mailing list