EX4600 DDOS защита

Определить какой протокол сработал:

show ddos-protection protocols statistics terse

Уменьшить/увеличить порог срабатывания защиты

set system ddos-protection protocols ttl aggregate burst 500

If this solves your problem, please mark this post as «Accepted Solution.»
Kudos are always appreciated Smiley Happy.
show ddos-protection protocols statistics | find «Protocol Group: L3MTU»
show ddos-protection protocols statistics | find «Protocol Group: IPMCAST»

 

Based on the timing of log messages, you can check for actual packets hitting the routing engine of the device using:

monitor traffic interface <intf_name> no-resolve extensive
OR

monitor traffic interface <intf_name> no-resolve extensive write-file /var/tmp/DDOS.pcap ———> remember to stop this, copy out the file «DDOS.pcap» from /var/tmp/ and delete it before its too big.

 

https://forums.juniper.net/t5/Ethernet-Switching/jddosd-warning-on-multiple-fpc-s/td-p/461521

https://www.juniper.net/documentation/en_US/junos/topics/concept/subscriber-management-ddos-protection.html

 

Запись опубликована в рубрике Juniper, Security, Блог с метками . Добавьте в закладки постоянную ссылку.