[j-nsp] DOS Attack

2010-08-03 Thread sherif mostafa
Dears, Could anyone help please as I've faced an error message "DOS" below that caused high CPU usage: ERROR 08/02/2010 16:22:46 CAI dosProtection: Flow is suspicious: GigabitEthernet11/0.410 for control protocol: IP TTL Expired source MAC 0018.742f.b380 with rate 241 pps ERROR 08/02/2010

[j-nsp] M10 monitor interface traffic

2010-08-03 Thread Onam Rubio
Hello everyone, A few hours ago I check the bandwith on the interface but after a few seconds a * appears. *ge-0/0/0 I check the logs and I found "No memory available" is this the problem? Thanks for your help. __

Re: [j-nsp] Traffic drops on IPSEC - SRX3600

2010-08-03 Thread Fahad Khan
Mind it, this is SRX3600 in Chassis Cluster environment. regards, Muhammad Fahad Khan JNCIP - M/T # 834 IT Specialist Global Technology Services, IBM fa...@pk.ibm.com +92-301-8247638 Skype: fahad-ibm http://pk.linkedin.com/in/muhammadfahadkhan On Tue, Aug 3, 2010 at 9:50 PM, Fahad Khan wrote:

Re: [j-nsp] Traffic drops on IPSEC - SRX3600

2010-08-03 Thread Fahad Khan
The strange issue is that, the drop is not related with the amount of traffic, it relates with the number of user (hence with the number of sessions perhaps) , since there was no drop when 4 or 5 users choke the link upto 90 MB, but when there comes 100 to 150 users in the building with even 10 or

Re: [j-nsp] Traffic drops on IPSEC - SRX3600

2010-08-03 Thread Quoc Hoang
Not sure what encryption algorithm is being used but we have noticed AES and perhaps others as well on JunOS that it requires more overhead. Check your ipsec mss. JTAC has recommended mss 1350 (previously we had it 1400 which was our default on the netscreens). It resolved one of our performance

Re: [j-nsp] Traffic drops on IPSEC - SRX3600

2010-08-03 Thread Fahad Khan
Hi Jerome, When are u gonna try that? Has any body got the solution??? regards, Muhammad Fahad Khan JNCIP - M/T # 834 IT Specialist Global Technology Services, IBM fa...@pk.ibm.com +92-301-8247638 Skype: fahad-ibm http://pk.linkedin.com/in/muhammadfahadkhan On Tue, Aug 3, 2010 at 3:18 PM, Jérô

Re: [j-nsp] Traffic drops on IPSEC - SRX3600

2010-08-03 Thread Jérôme Fleury
Hi there, I think I'm experiencing the same issue here: SRX 3600 in cluster mode, running 10.1R2.8 1 SPC / 1 NPC per chassis VPN in policy based mode with a remote CheckPoint I can clearly see packet loss in the way SRX -> Checkpoint, resulting in very poor performances in the tunnel We'll try

Re: [j-nsp] Traffic drops on IPSEC - SRX3600

2010-08-03 Thread Fahad Khan
Very scary!!! regards, Muhammad Fahad Khan JNCIP - M/T # 834 IT Specialist Global Technology Services, IBM fa...@pk.ibm.com +92-301-8247638 Skype: fahad-ibm http://pk.linkedin.com/in/muhammadfahadkhan On Tue, Aug 3, 2010 at 9:35 AM, Ivan Ivanov wrote: > Hm, this sounds more than scary! > > So