Hi! How do you identify the source problem of DDOS violations that Junos logs for QFX? For example, what interface is causing the problem?

DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for protocol/exception VXLAN:aggregate exceeded its allowed bandwidth at fpc 0 for 30 times, started at...

The configured rate for VXLAN is 500pps; DDoS protection is seeing rates over 150 000pps.

This is a spine/leaf setup. One theory is that the VXLAN traffic that most of our QFX boxes are activating DDoS protection for is actually VXLAN services running inside the VXLANs; for example, we have Kubernetes clusters using VXLAN. Is that a sane theory?

Johan

