Junos OS

 View Only
last person joined: yesterday 

Ask questions and share experiences about Junos OS.
  • 1.  EX4300-48MP - DDOS_PROTOCOL_VIOLATION_SET

    Posted 09-26-2022 16:31
    I am seeing the following messages yellow in my message logs and I'm not sure if it is an issue or not.  Looking  back in further in the logs I see the other instances.  However, they are only about 5 mins in duration, and the most current issue has still not cleared.   It seems that ddos protocol violation is "vchassis".   Any idea how to diagnose this issue further?

    root@VC7501> show ddos-protection protocols virtual-chassis violations
    Packet types: 2, Currently violated: 1

    Protocol Packet Bandwidth Arrival Peak Policer bandwidth
    group type (pps) rate(pps) rate(pps) violation detected at
    vchassis aggregate 500 589 1093 2022-09-26 07:24:21 EDT
    Detected on: FPC-0
           


    Sep 26 07:24:21 VC7501 jddosd[17868]: DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for protocol/exception Virtual-Chassis:aggregate exceeded its allowed bandwidth at fpc 0 for 61 times, started at 2022-09-26 07:24:21 EDT

    root@VC7501:RE:0% zcat /var/log/messages.0.gz | grep DDOS
    Sep 14 15:51:57 VC7501 jddosd[17868]: DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for protocol/exception Virtual-Chassis:aggregate exceeded its allowed bandwidth at fpc 0 for 60 times, started at 2022-09-14 15:51:57 EDT
    Sep 14 15:57:07 VC7501 jddosd[17868]: DDOS_PROTOCOL_VIOLATION_CLEAR: INFO: Host-bound traffic for protocol/exception Virtual-Chassis:aggregate has returned to normal. Its allowed bandwith was exceeded at fpc 0 for 60 times, from 2022-09-14 15:51:57 EDT to 2022-09-14 15:52:07 EDT

    ------------------------------
    JAMES RONALD
    ------------------------------


  • 2.  RE: EX4300-48MP - DDOS_PROTOCOL_VIOLATION_SET

    Posted 10-07-2022 10:52
    Check this kb article to see where the triggers are coming from.

    https://supportportal.juniper.net/s/article/MX-Syslog-message-DDOS-PROTOCOL-VIOLATION-SET-Warning-Host-bound-traffic-for-protocol-exception-Sample-aggregate-exceeded-its-allowed-bandwidth

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)
    http://puluka.com/home
    ------------------------------