wg-multicast - Re: MSDP SA explosion - sasser worm?
Subject: All things related to multicast
List archive
- From:
- To: David Mitchell <>
- Cc: Bill Owens <>, <>
- Subject: Re: MSDP SA explosion - sasser worm?
- Date: Tue, 4 May 2004 10:13:22 -0700 (PDT)
Sorry.. 20 is far too low. I have individual sources using RMT/webrc
transport which can consume my entire glop space - yes, one source.
So a more realistic per-source number should be 256 so you don't break me.
:D
Thanks,
Greg
On Tue, 4 May 2004, David Mitchell wrote:
> On Tue, 4 May 2004
>
> wrote:
>
> >
> >
> > ..in the msdp config block of course. What I also noticed with the
> > per-source filtering in place, is that it logs which sources excede the
> > limit:
> >
> > rtr> show msdp source
> > -snip-
> > 128.178.25.195 /32 Dynamic 1000 900 36579
> > 128.178.45.143 /32 Dynamic 1000 900 161785
> > 128.178.54.64 /32 Dynamic 1000 900 36429
> > 128.178.61.58 /32 Dynamic 1000 900 9817
> > 128.178.67.167 /32 Dynamic 1000 900 118644
> > 128.178.69.65 /32 Dynamic 1000 900 181518
> > 128.178.78.121 /32 Dynamic 1000 900 67
> > 128.178.85.17 /32 Dynamic 1000 900 225165
> > 128.178.125.121 /32 Dynamic 1000 900 202427
> > -snip-
>
> Even better:
>
> re-0> show msdp source | except " 0"
> Source address /Len Type Maximum Threshold Exceeded
> 128.95.105.92 /32 Dynamic 20 none 2236
> 128.178.54.64 /32 Dynamic 20 none 14162
> 128.178.61.61 /32 Dynamic 20 none 1104
> 128.178.67.167 /32 Dynamic 20 none 16168
> 128.178.69.65 /32 Dynamic 20 none 2764
> 128.178.78.121 /32 Dynamic 20 none 55930
> 128.178.85.17 /32 Dynamic 20 none 46310
> ^C[abort]
>
> We used a limit of 20, which seems like it should be plenty for any given
> single source. This is cutting the number of SA's we accept from Abilene
> by about 1/3 (from ~15K to ~5K).
>
> -David Mitchell
>
> >
> > Greg
> >
> > On Tue, 4 May 2004, Bill Owens wrote:
> >
> > > On Tue, May 04, 2004 at 09:57:59AM -0400, Charles R. Anderson wrote:
> > > > JunOS 6.3 introduces per-source MSDP SA limits.
> > >
> > > It is in the docs as far back as 6.0, and our box running the latest
> > > patched 5.7 also has the command, though it isn't in the docs:
> > >
> > > group foo {
> > > peer 1.2.3.4 {
> > > local-address 1.2.3.5;
> > > active-source-limit {
> > > maximum 200;
> > > }
> > > }
> > > }
> > >
> > > Bill.
> > >
> >
> >
>
> -----------------------------------------------------------------
> | David Mitchell
> ()
> Network Engineer IV |
> | Tel: (303) 497-1845 National Center for |
> | FAX: (303) 497-1818 Atmospheric Research |
> -----------------------------------------------------------------
>
- Re: MSDP SA explosion - sasser worm?, (continued)
- Re: MSDP SA explosion - sasser worm?, shep, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Charles R. Anderson, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Leonard Giuliano, 05/04/2004
- Reliable Multicast, Patcharee Basu, 05/07/2004
- Re: MSDP SA explosion - sasser worm?, Leonard Giuliano, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Joel Jaeggli, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, John Zwiebel, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Joel Jaeggli, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, John Zwiebel, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Joel Jaeggli, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Charles R. Anderson, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, John Zwiebel, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Bill Owens, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, shep, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Bill Owens, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, shep, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Bill Owens, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, shep, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Bill Owens, 05/04/2004
Archive powered by MHonArc 2.6.16.