Recently, we observed application latency that is transiting via Junos device.
We couldn’t able to find any errors, qos and other network related issue.
We observed ddos logs and junos
<28>1 2024-04-25T18:11:03.625Z xxx jddosd 2211 DDOS_PROTOCOL_VIOLATION_SET [junos@2636.1.1.1.4.82.5 protocol-name="Redirect:aggregate" source-name="fpc 0" repeat-count="51" time-first-detected="2024-04-25 18:11:03 UTC"] Warning: Host-bound traffic for protocol/exception Redirect:aggregate exceeded its allowed bandwidth at fpc 0 for 51 times, started at 2024-04-25 18:11:03 UTC
<28>1 2024-04-25T18:16:04.110Z xxx jddosd 2211 DDOS_PROTOCOL_VIOLATION_CLEAR [junos@2636.1.1.1.4.82.5 protocol-name="Redirect:aggregate" source-name="fpc 0" repeat-count="51" time-first-detected="2024-04-25 18:11:03 UTC" time-last-detected="2024-04-25 18:11:03 UTC"] INFO: Host-bound traffic for protocol/exception Redirect:aggregate has returned to normal. Its allowed bandwidth was exceeded at fpc 0 for 51 times, from 2024-04-25 18:11:03 UTC to 2024-04-25 18:11:03 UTC
Below links explains about ddos protection in Junos and icmp redirect
Leave a Reply