Low TTL on the multicast frames will cause this. Also, the multicast destination addresses will do this too if they're in 224.0.0.0/24.

On Wed, Mar 5, 2014 at 8:49 AM, Sebastian Wiesinger <juniper-...@ml.karotte.org> wrote:

> Hello,
>
> I'm currently looking at an EX4500 setup that had a few problems
> related to multicast/broadcast packets going to the CPU (and sometimes
> preventing required packets like LACP reaching the CPU) of the switch.
> I assume this was because the queue between PFE and CPU was full (is
> there a way to check?).
>
> I noticed that multicast and broadcast packets in all VLANs are sent
> to the CPU. My question is why? IGMP snooping and VSTP is not enabled
> on the switch and apart from that I don't see an apparent reason why
> it should do this for tagged frames.
>
> Example of packets being sent to the CPU includes VRRP packets from
> attached routers (DMAC 01:00:5e:00:00:12) and BOOTP/DHCP (DMAC
> ff:ff:ff:ff:ff:ff) packets.
>
> Would an lo0 firewall filter help? Is this applied before or after the
> packets are sent over the PFE-CPU link?
>
> Perhaps you could share your ideas on how this could be prevented and
> what you're doing to protect the CPU on these EX boxes.
>
> Regards
>
> Sebastian
>
> --
> GPG Key: 0x93A0B9CE (F4F6 B1A3 866B 26E9 450A 9D82 58A2 D94A 93A0 B9CE)
> 'Are you Death?' ... IT'S THE SCYTHE, ISN'T IT? PEOPLE ALWAYS NOTICE THE
> SCYTHE.
> -- Terry Pratchett, The Fifth Elephant
> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
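
The two conditions named in the reply (low TTL on multicast frames, destination in 224.0.0.0/24) can be checked against frames from a capture; the following is an added example, not code from the thread or from Juniper. The function names, the TTL threshold of 1 and the sample frames are assumptions made here, and the script only labels frames by those two conditions; it does not model what the switch actually does.

```python
import ipaddress
import struct

LINK_LOCAL_MCAST = ipaddress.ip_network("224.0.0.0/24")

def punt_reasons(frame, low_ttl=1):
    """Return which of the reply's two conditions a raw Ethernet frame matches."""
    offset = 12
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    while ethertype in (0x8100, 0x88A8):      # skip 802.1Q / 802.1ad VLAN tags
        offset += 4
        (ethertype,) = struct.unpack_from("!H", frame, offset)
    if ethertype != 0x0800:                    # only IPv4 is inspected here
        return []
    ip = frame[offset + 2:offset + 22]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    ttl, dst = ip[8], ipaddress.ip_address(ip[16:20])
    reasons = []
    if dst.is_multicast and ttl <= low_ttl:    # low_ttl=1 is an assumed threshold
        reasons.append("low-ttl-multicast")
    if dst in LINK_LOCAL_MCAST:
        reasons.append("dst-in-224.0.0.0/24")
    return reasons

def build_frame(dmac, ttl, dst, vlan=None):
    """Constructed sample: Ethernet (+ optional VLAN tag) + bare IPv4 header."""
    eth = bytes.fromhex(dmac.replace(":", "")) + bytes.fromhex("020000000001")
    if vlan is not None:
        eth += struct.pack("!HH", 0x8100, vlan)
    eth += struct.pack("!H", 0x0800)
    # Protocol is fixed at 112 (VRRP); punt_reasons() does not inspect it.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 112, 0,
                     ipaddress.ip_address("192.0.2.1").packed,
                     ipaddress.ip_address(dst).packed)
    return eth + ip

SAMPLES = {  # constructed frames, not taken from the thread's switch
    "vrrp-tagged": build_frame("01:00:5e:00:00:12", 255, "224.0.0.18", vlan=100),
    "ttl1-link-local": build_frame("01:00:5e:00:00:05", 1, "224.0.0.5"),
    "app-mcast-ttl1": build_frame("01:00:5e:01:01:01", 1, "239.1.1.1"),
    "app-mcast-ttl64": build_frame("01:00:5e:01:01:01", 64, "239.1.1.1"),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        print(f"{name:16} {punt_reasons(frame) or 'no match'}")
```

The VRRP sample uses the DMAC quoted in the original question, which corresponds to group 224.0.0.18 and therefore matches the 224.0.0.0/24 condition even with a TTL of 255.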