There is option packet rate limiting in the pfe. The "filter" is, I believe, standard tcp dump Op indicating that the packets passed whatever user supplied regex filter expression (in your case null), a function that is broken in junos and in theory evoked with the "matching" keyword to monitor traffic.
Unlike the default arp policer I do not believe you can view the optioned packets rate limiting directly. I just posted to this forum w/some info on the rate limit and how to confirm. Regards -----Original Message----- From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Marlon Duksa Sent: Wednesday, August 05, 2009 11:07 AM To: Juniper-Nsp Subject: [j-nsp] RE CPU DoS Filters Hi - is there any way to look at he default filters that are applied on the RE? Or see what's being queued on the RE for processing, say RSVP packets, or BGP packets, or IGMP packets, something along the 'netstat' command. We are dropping some control traffic into the RE. When we run the command "run monitor traffic interface xxx' we see that we receive only 533 packets by "filter". Which filter? We are sending 1000 packets but only receiving 533. We know that we do not have any filter on the interfaces. So this filter, is it a control plane filter? How do we see it or change it? 1:03:09.553047 In IP 20.1.1.2 > 224.0.0.22: igmp v3 report, 1 group record(s) 11:03:09.553048 In IP 20.1.1.2 > 224.0.0.22: igmp v3 report, 1 group record(s) 11:03:09.553049 In IP 20.1.1.2 > 224.0.0.22: igmp v3 report, 1 group record(s) 11:03:09.553051 In IP 20.1.1.2 > 224.0.0.22: igmp v3 report, 1 group record(s) ^C^C 533 packets received by filter 0 packets dropped by kernel Thanks, Marlon _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
