Hey, These are not related to your issue.,
The first one is complaining that you got bunch of packets to your device with TTL==1, you need to punt these and generate TTL exceeded message. Because it's done in software, it's limited to certain amount of packets. This is operationally normal during convergence due to microloops and such. The second one is complaining that packet came in which wanted to go out via interface which has smaller MTU, these also need to be punted so we can generate fragmentation needed but DF set message. Doesn't indicate anything to help with your original problem, but you might want to know why do you have such an small egress MTU, ideally you wouldn't ever decrease MTU inside your network. What ever your problem is, no one can help you with these messages. On Sat, 10 Nov 2018 at 23:07, Rodrigo 1telecom <rodr...@1telecom.com.br> wrote: > > > Hi folks.... recently we have some trouble with some mpls tunnels.... > sometime these tunnels goes down: > Follow out logfiles: > > Nov 9 20:03:42 PE-REC-A01-BKB-SW-001 jddosd[1769]: > DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for > protocol/exception TTL:aggregate exceeded its allowed bandwidth at fpc 0 for > 212 times, started at 2018-11-09 20:03:41 BRT > Nov 9 20:03:42 PE-REC-A01-BKB-SW-001 jddosd[1769]: > DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for > protocol/exception L3MTU-fail:aggregate exceeded its allowed bandwidth at > fpc 0 for 212 times, started at 2018-11-09 20:03:41 BRT > Can someone help us? > Enviado via iPhone > Grupo Connectoway > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp -- ++ytti _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp