[j-nsp] Flowspec not filtering traffic.
Saku Ytti
saku at ytti.fi
Sat Sep 17 02:00:13 EDT 2022
Can you provide some output?
Like 'show route table inetflow.0 extensive' and config.
On Sat, 17 Sept 2022 at 05:05, Gustavo Santos via juniper-nsp
<juniper-nsp at puck.nether.net> wrote:
>
> Hi,
>
> We have noticed that flowspec is not working or filtering as expected.
> Trying a DDoS detection and rule generator tool, and we noticed that the
> flowspec rule is installed,
> the filter counter is increasing, but no filtering at all.
>
> For example DDoS traffic from source port UDP port 123 is coming from an
> Internet Transit
> facing interface AE0.
> The destination of this traffic is to a customer Interface ET-0/0/10.
>
> Even with all information and "show" commands confirming that the traffic
> has been filtered, customer and snmp and netflow from the customer facing
> interface is showing that the "filtered" traffic is hitting the destination.
>
> Is there any caveat or limitation, or has anyone hit this issue? I tried this
> with two MX10003 routers one with 19.R3-xxx and the other one with 20.4R3
> junos branch.
>
> Regards.
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
--
++ytti