[j-nsp] QFX DDOS Violations
john doe
johan.borch at gmail.com
Tue Nov 29 15:36:13 EST 2022
Hi!
How do you identify the source problem of DDOS violations that Junos logs
for QFX? For example, which interface is causing the problem?
DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for
protocol/exception VXLAN:aggregate exceeded its allowed bandwidth at fpc 0
for 30 times, started at...
The configured rate for VXLAN is 500pps; DDoS protection is seeing rates
over 150 000pps.
This is a spine/leaf setup. One theory is that the VXLAN traffic that most
of our QFX boxes are activating DDoS protection for is actually VXLAN
services running inside the VXLANs; for example, we have Kubernetes clusters
using VXLAN. Is that a sane theory?
Johan