Thanks for that.
By the way, this seems to work also, which is more consistent between IPv4 &
IPv6:
set routing-options rib inet.0 protect core
set routing-options rib inet6.0 protect core
Jay Ford, Network
Hello
For ipv6
set routing-options rib inet6.0 protect core
For ipv4
set routing-options protect core
David Roy
IP/MPLS NOC engineer - Orange France
Ph. : +33 2 99 28 57 66
Mob. : +33 6 85 52 22 13
SkypeID : davidroy.35
david@orange.com
JNCIE x3 (SP #703 ; ENT #305 ; SEC #144)
There is Juniper documentation acknowledging the use case of BGP PIC for inet
& inet6 unicast, but I can't find a way to enable it for inet6 at Junos
16.2R2.8. Pointers to how to do so would be cool, but confirmation that it
isn't supported (yet) would also be appreciated.
On Tue, Nov 21, 2017 at 06:28:07AM -0800, Emille Blanc wrote:
> Hello folks,
>
> Trudging through the woes that are cross-vendor compatibility issues, and
> failing completely at getting a link between an EX3400 or EX4600, and an HPE
> FlexFabric-20/40 F8 card in our c7000 enclosure using an
Hello folks,
Trudging through the woes that are cross-vendor compatibility issues, and
failing completely at getting a link between an EX3400 or EX4600, and an HPE
FlexFabric-20/40 F8 card in our c7000 enclosure using an HPE branded QSFP+ 3mtr
DAC. That is to say, Juniper on one side, HPE on
Sorry, I meant the opposite (i.e. the defaults are too high).
One that is specially high is the IGMP at 20k. Multicast loops on
large layer-2 fabrics (IXPs) will bring down first-gen Trios very
easily (can't say the same for the newer ones up to Eagle).
On Tue, Nov 21, 2017 at 10:19 AM, Saku
On 21 November 2017 at 14:12, Luis Balbinot wrote:
> The DDoS protection factory defaults are very low in some cases. The
> Juniper MX Series book has a nice chapter on that.
Do you have an example? Most of them are like 20kpps, which ismore
than you need to congest the
Most likely spoofed traffic or you don't have full tables or a default
route. A /18 will pull a lot of unwanted traffic.
The DDoS protection factory defaults are very low in some cases. The
Juniper MX Series book has a nice chapter on that.
On Tue, 21 Nov 2017 at 09:02 Karl Gerhard
Hi Karl,
DDOS subsystem applies only to the traffic destined to the host (router
itself) and not transit traffic.
When you announce that /18 have you got all destinations of that /18
reachable by the router? Have you got default route ?
The graceful way to handle those messages is to
Hey Karl,
Do you have large connected subnet, largely empty?
I believe 'resolve' is packet needing ARP resolution. I.e. you got
packet to subnet address 192.0.2.42, but it did not have MAC address,
so it could not be forwarded, but had to be punted to software for ARP
resolution. Because it
Hello
our syslog is getting spammed with the following messages:
jddosd[12168]: %DAEMON-4-DDOS_PROTOCOL_VIOLATION_SET: Protocol resolve:ucast-v4
is violated at fpc 11 for 1389 times
jddosd[12168]: %DAEMON-4-DDOS_PROTOCOL_VIOLATION_CLEAR: Protocol
resolve:ucast-v4 has returned to normal.
11 matches
Mail list logo