Switching

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.
  • 1.  DDOS Protection messages

    Posted 05-14-2021 04:13
    Hi ,

    I would like to understand what the reason for the ARP: snoop error messages mean?

    May 14 03:21:42 ddosChangeEvent: asynchronous message
    May 14 03:21:42 Event report
    May 14 03:21:42 Looking for protocol: 3402, group id = 34, proto index = 2. Group size = 125
    May 14 03:21:42 Generate protocol change ERRMSG for ARP:arp-snoop from fpc 0
    May 14 03:21:42 INFO: Host-bound traffic for protocol/exceptionARP:arp-snoop has returned to normal. Its allowed bandwith was exceeded at fpc 0 for 275 times, from 2021-05-14 03:16:41 UTC to 2021-05-14 03:16:41 UTC

    specifically the line : Looking for protocol: 3402, group id = 34, proto index = 2. Group size = 125 

    as I am trying to understand the culprit causing the messages.

    thanks
    Stuart


    ------------------------------
    STUART DAY
    ------------------------------


  • 2.  RE: DDOS Protection messages

    Posted 07-01-2021 14:02
    That is how this protocol is defined at the FPC level. If you start a session towards the FPC, and you check the protocol 3402, you will find that definition is withing the `arp-snooping`

    It is really how it is seen in the HW.

    Regards,

    Elvin