wg-multicast - Re: MSDP SA explosion - sasser worm?
Subject: All things related to multicast
List archive
- From: Leonard Giuliano <>
- To: "Charles R. Anderson" <>
- Cc:
- Subject: Re: MSDP SA explosion - sasser worm?
- Date: Tue, 4 May 2004 12:10:14 -0700 (PDT)
On Tue, 4 May 2004, Charles R. Anderson wrote:
-) On Tue, May 04, 2004 at 10:10:29AM -0400, Bill Owens wrote:
-) > On Tue, May 04, 2004 at 09:57:59AM -0400, Charles R. Anderson wrote:
-) > > JunOS 6.3 introduces per-source MSDP SA limits.
-) >
-) > It is in the docs as far back as 6.0, and our box running the latest
-) > patched 5.7 also has the command, though it isn't in the docs:
-)
-) I think the per-source part of it is new:
-)
In recent Junos releases, you can rate limit on a Per-Peer, Per-Instance
and/or Per-Source basis. Junos 6.2 is the first release where all 3
limits are supported and available. Default for each is 25K. It's a bit
low, and will be probably be changed, and that's why you may be seeing
logs get filled if you have upgraded recently.
The docs are somewhat lacking on these features and are due to be
augmented soon. The following won't accept any more than 100k SAs from
the peer, won't allow more that 200k SAs on the box, and won't allow any
single source host to generate more than 1k SAs. Between the threshold
and the max, we drop based on RED.
*I am not endorsing any specific values for each, so pick whatever you
think is reasonable. These are just arbitrarily selected numbers that
will allow you to see all of Shep's barn cams and Joel's DF streams.
msdp {
active-source-limit {
maximum 200000;
threshold 190000;
}
source 0.0.0.0/0 {
active-source-limit {
maximum 1000;
threshold 900;
}
}
group abc {
peer 1.1.1.1 {
active-source-limit {
maximum 100000;
threshold 90000;
}
}
}
}
-Lenny
- Please filter TCP to 224/4 [was MSDP SA explosion - sasser worm?], (continued)
- Please filter TCP to 224/4 [was MSDP SA explosion - sasser worm?], Charles R. Anderson, 05/03/2004
- Re: Please filter TCP to 224/4 [was MSDP SA explosion - sasser worm?], Amel Caldwell, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Bill Owens, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, William F. Maton, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Marshall Eubanks, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, David Farmer, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Marshall Eubanks, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Charles R. Anderson, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Bill Owens, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, shep, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Charles R. Anderson, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Leonard Giuliano, 05/04/2004
- Reliable Multicast, Patcharee Basu, 05/07/2004
- Re: MSDP SA explosion - sasser worm?, Leonard Giuliano, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Joel Jaeggli, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, John Zwiebel, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Joel Jaeggli, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, John Zwiebel, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Joel Jaeggli, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Charles R. Anderson, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, John Zwiebel, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Bill Owens, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, William F. Maton, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Bill Owens, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, shep, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Bill Owens, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, shep, 05/04/2004
- Re: MSDP SA explosion - sasser worm?, Bill Owens, 05/04/2004
- Please filter TCP to 224/4 [was MSDP SA explosion - sasser worm?], Charles R. Anderson, 05/03/2004
Archive powered by MHonArc 2.6.16.