On Sep 24, 2025, at 2:44 AM, Saku Ytti <[email protected]> wrote:
> 
> I want to add clarity here. You are of course punting frames on all
> VLANs. As this is not IP only, this is also L2.

But only where an IRB is present, yes?  Example: I have VLANs 10,20,30,40 on 
the switch, but only irb.10 exists with an L3 interface.  I don't have to worry 
about ARP or other protocols on VLANs 20, 30, 40 because those are forwarded on 
the data plane only, correct?

Either way, I've taken several packet captures on the IRB and uplinks to this 
switch, and there are no traffic bursts that correlate to the DDOS messages 
(irb never goes above 50pps).  Meanwhile, the uplink captures also show no 
OSPF/VC/etc traffic whatsoever, and those have increasing ddos counters, so I 
suspect something is flaky on the hardware.  Unless I see this on other 
switches, I'm going to pop this one out and see if that resolves the issue.

Thanks,

Jason
_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
