[rbak-nsp] LM / L2TP errors

Florian Lohoff f at zz.de
Wed Feb 19 14:13:23 EST 2014


On Wed, Feb 19, 2014 at 06:17:08PM +0100, Golem wrote:
> Hello Redback-nsp,
> 
> What these errors mean ?
> 
> Feb 19 17:29:21: %LM-3-ERR: Receiving interface for Ping/Traceroute request not located
> Feb 19 17:29:23: %L2TP-3-EMSG: Packet is too long, it was truncated
> Feb 19 17:29:30: %L2TP-6-TUNNEL: someip:53 received packet without S-bit in header
> 
> Once  it  happend  router  start  dropping  bgp  sesions  and act like
> overloaded, high latency ~200ms on all interfaces. We not using l2tp.
> 
> Is there anything to prevent these errors in future ?

When not using L2TP your admin-access-group should exclude accepting UDP
Port 1701 e.g. L2TP (It should be a deny all at the end anyway). Does
it?

Flo
-- 
Florian Lohoff                                                 f at zz.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 828 bytes
Desc: Digital signature
URL: <https://puck.nether.net/pipermail/redback-nsp/attachments/20140219/bcbc0619/attachment.sig>


More information about the redback-nsp mailing list