[j-nsp] punting base address packets to RE

Frank Sweetser fs at WPI.EDU
Tue Aug 25 08:46:31 EDT 2015


If I recall correctly, the base address of a subnet was originally used as an 
alternative broadcast address by some ancient equipment.  While it's not a 
behavior I'd expect to see actively used in modern equipment, seeing it 
handled as a special case as a receiver doesn't surprise me.

Based on this, it looks like it's handled as a directed broadcast:


https://www.juniper.net/techpubs/en_US/junose10.3/information-products/topic-collections/swconfig-ip-ipv6/id-25742.html

Frank Sweetser fs at wpi.edu    |  For every problem, there is a solution that
Manager of Network Operations   |  is simple, elegant, and wrong.
Worcester Polytechnic Institute |           - HL Mencken

On 08/25/2015 05:45 AM, Saku Ytti wrote:
> On (2015-08-24 18:38 +0000), Michael Hare wrote:
>
> Hey,
>
>> Sorry if this is remedial, but are packets sent to the base address of a directly connected subnet always punted to RE and if so, why?  Historic compatibility?  I couldn't determine any bucket under the ddos-protection protocol statistics such traffic ends up in, either.  I haven't seen any negative side effects of this, only noticing this after I followed up on a high pps drop rate for one of our routing engines.  This seems to happen regardless of what I have 'targeted-broadcast' configured with [absent, forward-only].
>
> Terrific question, I don't know, I don't think there is any real reason why
> those need to be punted.
> It's probably something people have done in their IP implementation and it has
> just carried over in fear of changing the behaviour might break something, and
> almost certainly someone now relies on this behaviour for what ever strange
> reasons.
>
> Pretty sure you'll see them in ddos-protection in what ever protocol the
> traffic is, ddos-protection would not care about your DADDR, because decision
> to punt was done before ddos-protection got the frame.
>
>
>> For what it's worth, the above is an MX104, but I also see this on other MX MPC hardware.
>


More information about the juniper-nsp mailing list