Log messages indicate sampling violation even when sampling is not configured on the router

The following log messages are seen:

even though sampling is not configured on the router.

This is not a DDOS attack, and it does not indicate an error condition.

The following log messages are seen:

even though sampling is not configured on the router.

If then log, then syslog or then sample is configured in a firewall filter, and the rate of logged or sampled packets is above thedistributed denial-of-service (DDoS threshold), then these logs are seen.

This is not a DDOS attack, and it does not indicate an error condition.

The DDOS threshold for this packet type can be raised if desired.
http://www.juniper.net/techpubs/en_US/junos/topics/task/configuration/subscriber-management-ddos-packet.html

This output will show the currently configured thresholds:

Here are the column headers and default values:

This output has more detailed output:

 

About the author

Prasanna

Leave a Comment