Junos OS

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about Junos OS.
  • 1.  system ddos-protection

    Posted 08-08-2023 07:44

    Colleagues hello .

    show configuration system ddos-protection    
    traceoptions {
        file ddos-trace size 10m world-readable;
        flag all;
    }

    show log ddos-trace

    Aug  8 08:08:25 5200: ProtocolID does not exist.
    Aug  8 08:08:25 5200: ProtocolID does not exist.
    Aug  8 08:08:25 Received flow from slot: 3, but no protocol: 0
    Aug  8 08:08:25 Received flow from slot: 4, but no protocol: 0

    Colleagues, can someone explain what it means is this a conclusion?



  • 2.  RE: system ddos-protection

    Posted 08-16-2023 06:37

    The ddos protection is meant to ignore obviously bad or very high volume traffic assumed to be ddos.  The logs show that traffic of invalid protocol type and/or port was seen.  The flow engine evaluates the 5 tuple and notes the fpc location of the traffic logged.

    https://www.juniper.net/documentation/us/en/software/junos/security-services/topics/concept/subscriber-management-ddos-protection.html



    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)
    http://puluka.com/home
    ------------------------------