[j-nsp] Mpls down qfx 5100

Rodrigo Augusto rodrigo at 1telecom.com.br
Mon Nov 12 09:37:27 EST 2018 

OkŠ. I will put this configurationŠ.
Protocol Group: L3MTU-fail


  Packet type: aggregate (Aggregate for L3 MTU Check fail)
    Aggregate policer configuration:
      Bandwidth:        500 pps*
      Burst:            10 packets
      Recover time:     300 seconds
      Enabled:          Yes
    Flow detection configuration:
      Detection mode: Automatic  Detect time:  0 seconds
      Log flows:      Yes        Recover time: 0 seconds
      Timeout flows:  No         Timeout time: 0 seconds




 Already putŠ
Thanks a lotŠ..

Rodrigo Augusto
Diretor BackBone IP Grupo Um
http://www.connectoway.com.br <http://www.connectoway.com.br/>
http://www.1telecom.com.br <http://www.1telecom.com.br/>
* rodrigo@ <mailto:rodrigo at connectoway.com.br>1telecom.com.br
( (81) 3497-6060
( INOC-DBA 52965*100




On 11/11/18 05:59, "Saku Ytti" <saku at ytti.fi> wrote:

>Hey,
>
>These are not related to your issue.,
>
>The first one is complaining that you got bunch of packets to your
>device with TTL==1, you need to punt these and generate TTL exceeded
>message. Because it's done in software, it's limited to certain amount
>of packets.
>This is operationally normal during convergence due to microloops and
>such.
>
>
>The second one is complaining that packet came in which wanted to go
>out via interface which has smaller MTU, these also need to be punted
>so we can generate fragmentation needed but DF set message. Doesn't
>indicate anything to help with your original problem, but you might
>want to know why do you have such an small egress MTU, ideally you
>wouldn't ever decrease MTU inside your network.
>
>What ever your problem is, no one can help you with these messages.
>
>On Sat, 10 Nov 2018 at 23:07, Rodrigo 1telecom <rodrigo at 1telecom.com.br>
>wrote:
>>
>>
>> Hi folks.... recently we have some trouble with some mpls tunnels....
>>sometime these tunnels goes down:
>> Follow out logfiles:
>>
>> Nov  9 20:03:42  PE-REC-A01-BKB-SW-001 jddosd[1769]:
>>DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for
>>protocol/exception  TTL:aggregate exceeded its allowed bandwidth at fpc
>>0 for 212 times, started at 2018-11-09 20:03:41 BRT
>> Nov  9 20:03:42  PE-REC-A01-BKB-SW-001 jddosd[1769]:
>>DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for
>>protocol/exception  L3MTU-fail:aggregate exceeded its allowed bandwidth
>>at fpc 0 for 212 times, started at 2018-11-09 20:03:41 BRT
>> Can someone help us?
>> Enviado via iPhone •
>> Grupo Connectoway
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
>
>-- 
>  ++ytti

More information about the juniper-nsp mailing list