On 21.12.10 17:20, ibariouen khalid wrote: > Dear all > > Can someone tell me what is the default value of "default_arp_policer" ? is > there any recommendation to reduce the values ;because i have an issue with > an ARP storme and the router is impacted . > the major problem with the default arp policer is that it is a shared filter across all interfaces. That is, if you have an ARP storm on a single interface, that can have an impact even on transit- or core-facing interfaces. I can't remember how to view the default policer values, IIRC it's about 5 Mbit or so. Do you see an increase in filtered packets using show policer __default_arp_policer__ ? If so, it may be helpful to place interface-specific arp policers on at least core- and transit interfaces, but really it'd be best to apply an arp ratelimit to every interface. That's fairly easy to implement using a single policer and configuration groups. Having that in place, you can also more easily identify the interface that's ARP storming.
Kind regards, Felix -- Felix Schüren Head of Network ----------------------------------------------------------------------- Host Europe GmbH - http://www.hosteurope.de Welserstraße 14 - 51149 Köln - Germany Telefon: 0800 467 8387 - Fax: +49 180 5 66 3233 (*) HRB 28495 Amtsgericht Köln - USt-IdNr.: DE187370678 Geschäftsführer: Uwe Braun - Alex Collins - Mark Joseph - Patrick Pulvermüller (*) 0,14 EUR/Min. aus dem dt. Festnetz, Mobilfunkpreise ggf. abweichend _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp