On Mon, Feb 11, 2013 at 6:15 PM, Sebastian Wiesinger <[email protected]> wrote: > I noticed that a MX80 takes quite a long time after reboot to put all > routes into the KRT. Is that normal for that box? It takes around 10 > minutes after BGP is established to get all the routes into the KRT
Yes, the routes taking a long time to install is "normal," unfortunately. I feel like it has got worse since 10.4 but that might be my imagination. I am sorry I missed Richard Steenbergen's lightning talk at NANOG, which was something like "if you want your routers to install routes, call Juniper and reference PR#<whatever> because they do not want to fix this bug." I am hopeful that the move away from a single Junos release strategy to some segregation among different products will allow Juniper to be more flexible in how they allocate development resources to different platforms. If I had to guess, I'd say the ddos-related log messages you are reading are related to excessive need to generate ttl_exceeded packets because of routing loops while BGP is announcing to neighboring routers but the routes are not actually installed in the FIB yet. Even if I am wrong about the specifics here, I am certain it is only a symptom of the problem which is unrelated to the ddos-protection feature. -- Jeff S Wheeler <[email protected]> Sr Network Operator / Innovative Network Concepts _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
