Hi,
I'm getting lots of this kind messages:
jddosd[1460]: DDOS_PROTOCOL_VIOLATION_SET: Protocol Reject:aggregate is violated at fpc 0 for 1448 times, started at 2014-11-27 10:56:58 EET
jddosd[1460]: DDOS_PROTOCOL_VIOLATION_CLEAR: Protocol Reject:aggregate has returned to normal. Violated at fpc 0 for 1448 times, from 2014-11-27 10:56:58 EET to 2014-11-27 11:02:38 EET
and I can't figure out: why? Could you point me to the right direction please?
Packet Forwarding Engine traffic statistics:
Input packets: 15240676085 17916 pps
Output packets: 21412011088 24572 pps
Packet Forwarding Engine local traffic statistics:
Local packets input : 15544166
Local packets output : 29380069
Software input control plane drops : 0
Software input high drops : 0
Software input medium drops : 0
Software input low drops : 0
Software output drops : 0
Hardware input drops : 0
Packet Forwarding Engine local protocol statistics:
HDLC keepalives : 0
ATM OAM : 0
Frame Relay LMI : 0
PPP LCP/NCP : 0
OSPF hello : 1702744
OSPF3 hello : 0
RSVP hello : 0
LDP hello : 0
BFD : 0
IS-IS IIH : 0
LACP : 0
ARP : 286860
ETHER OAM : 0
Unknown : 10
Packet Forwarding Engine hardware discard statistics:
Timeout : 0
Truncated key : 0
Bits to test : 0
Data error : 0
Stack underflow : 0
Stack overflow : 0
Normal discard : 11094859
Extended discard : 0
Invalid interface : 0
Info cell drops : 0
Fabric drops : 0
Packet Forwarding Engine Input IPv4 Header Checksum Error and Output MTU Error statistics:
Input Checksum : 0
Output MTU : 0
Packet types: 1, Modified: 0, Received traffic: 1, Currently violated: 0
Currently tracked flows: 0, Total detected flows: 0
* = User configured value
Protocol Group: Reject
Packet type: aggregate (Aggregate for v4 all reject traffic)
Aggregate policer configuration:
Bandwidth: 2000 pps
Burst: 10000 packets
Recover time: 300 seconds
Enabled: Yes
Flow detection configuration:
Detection mode: Automatic Detect time: 3 seconds
Log flows: Yes Recover time: 60 seconds
Timeout flows: No Timeout time: 300 seconds
Flow aggregation level configuration:
Aggregation level Detection mode Control mode Flow rate
Subscriber Automatic Drop 10 pps
Logical interface Automatic Drop 10 pps
Physical interface Automatic Drop 2000 pps
System-wide information:
Aggregate bandwidth is no longer being violated
No. of FPCs that have received excess traffic: 1
Last violation started at: 2014-11-27 11:15:03 EET
Last violation ended at: 2014-11-27 11:22:18 EET
Duration of last violation: 00:07:15 Number of violations: 1449
Received: 35017543 Arrival rate: 19 pps
Dropped: 195341 Max arrival rate: 3398 pps
Routing Engine information:
Bandwidth: 2000 pps, Burst: 10000 packets, enabled
Aggregate policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by individual policers: 0
FPC slot 0 information:
Bandwidth: 100% (2000 pps), Burst: 100% (10000 packets), enabled
Aggregate policer is no longer being violated
Last violation started at: 2014-11-27 11:15:03 EET
Last violation ended at: 2014-11-27 11:22:18 EET
Duration of last violation: 00:07:15 Number of violations: 1449
Received: 35017543 Arrival rate: 19 pps
Dropped: 195341 Max arrival rate: 3398 pps
Dropped by individual policers: 0
Dropped by aggregate policer: 195341
Dropped by flow suppression: 0
Flow counts:
Aggregation level Current Total detected State
Subscriber 0 0 Active