Ok. I will put this configuration. Protocol Group: L3MTU-fail
Packet type: aggregate (Aggregate for L3 MTU Check fail) Aggregate policer configuration: Bandwidth: 500 pps* Burst: 10 packets Recover time: 300 seconds Enabled: Yes Flow detection configuration: Detection mode: Automatic Detect time: 0 seconds Log flows: Yes Recover time: 0 seconds Timeout flows: No Timeout time: 0 seconds Already put Thanks a lot.. Rodrigo Augusto Diretor BackBone IP Grupo Um http://www.connectoway.com.br <http://www.connectoway.com.br/> http://www.1telecom.com.br <http://www.1telecom.com.br/> * rodrigo@ <mailto:rodr...@connectoway.com.br>1telecom.com.br ( (81) 3497-6060 ( INOC-DBA 52965*100 On 11/11/18 05:59, "Saku Ytti" <s...@ytti.fi> wrote: >Hey, > >These are not related to your issue., > >The first one is complaining that you got bunch of packets to your >device with TTL==1, you need to punt these and generate TTL exceeded >message. Because it's done in software, it's limited to certain amount >of packets. >This is operationally normal during convergence due to microloops and >such. > > >The second one is complaining that packet came in which wanted to go >out via interface which has smaller MTU, these also need to be punted >so we can generate fragmentation needed but DF set message. Doesn't >indicate anything to help with your original problem, but you might >want to know why do you have such an small egress MTU, ideally you >wouldn't ever decrease MTU inside your network. > >What ever your problem is, no one can help you with these messages. > >On Sat, 10 Nov 2018 at 23:07, Rodrigo 1telecom <rodr...@1telecom.com.br> >wrote: >> >> >> Hi folks.... recently we have some trouble with some mpls tunnels.... >>sometime these tunnels goes down: >> Follow out logfiles: >> >> Nov 9 20:03:42 PE-REC-A01-BKB-SW-001 jddosd[1769]: >>DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for >>protocol/exception TTL:aggregate exceeded its allowed bandwidth at fpc >>0 for 212 times, started at 2018-11-09 20:03:41 BRT >> Nov 9 20:03:42 PE-REC-A01-BKB-SW-001 jddosd[1769]: >>DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for >>protocol/exception L3MTU-fail:aggregate exceeded its allowed bandwidth >>at fpc 0 for 212 times, started at 2018-11-09 20:03:41 BRT >> Can someone help us? >> Enviado via iPhone >> Grupo Connectoway >> _______________________________________________ >> juniper-nsp mailing list juniper-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/juniper-nsp > > > >-- > ++ytti _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp