show ddos-protection protocols statistics
Sintaxe
show ddos-protection protocols <protocol-group> statistics<brief | detail | terse>
Descrição
Exibir estatísticas de tráfego e estatísticas de violação do policial DDoS para todos os grupos de protocolo ou para um determinado grupo de protocolo.
Os policiais de proteção contra DDoS atuam nas filas de tráfego do sistema. As linhas de switches QFX5100 e QFX5200 gerenciam o tráfego para mais protocolos do que o número de filas, por isso o sistema muitas vezes deve mapear mais de um protocolo para a mesma fila. Quando o tráfego para um protocolo compartilha uma fila com outros protocolos e viola os limites do policial de proteção contra DDoS, este comando relata uma violação nessa fila para todos os protocolos mapeados porque o sistema não distingue qual tráfego do protocolo causou especificamente a violação. Você pode usar o que sabe sobre os tipos de tráfego que fluem por sua rede para identificar qual dos protocolos relatados realmente desencadeou a violação.
Opções
| Nenhum | Exibir informações para todos os grupos de protocolo. |
| breve | | detalhada Concisa | (Opcional) Exibir o nível de saída especificado.
|
| protocol-group | (Opcional) Exibir informações para um determinado grupo de protocolo. Consulte protocolos de proteção contra ddos para uma lista de grupos disponíveis. |
Nível de privilégio necessário
Ver
Campos de saída
A Tabela 1 lista os campos de saída para o show ddos-protection protocols statistics comando. Os campos de saída estão listados na ordem aproximada em que eles aparecem.
Nome de campo |
Descrição do campo |
Nível de saída |
|---|---|---|
|
Nome do grupo de protocolo. |
Todos os níveis |
|
Nome do tipo de pacote em grupo de protocolo. |
Todos os níveis |
|
As seguintes informações coletadas para o roteador:
|
|
|
As seguintes informações coletadas para o Mecanismo de Roteamento:
|
|
|
As seguintes informações coletadas para a placa no slot indicado:
|
|
|
Número de pacotes deste tipo de pacote ou grupo de protocolo recebidos em todas as placas e no Mecanismo de Roteamento. |
|
|
O número de pacotes caiu para este tipo de pacote ou grupo de protocolo, independentemente de onde os pacotes foram descartados. |
|
|
Taxa de tráfego mais alta observada para este tipo de pacote ou grupo de protocolo. |
|
|
Número de violações da largura de banda do policial. |
|
|
Estado de violação do tipo de pacote:
|
|
Saída de amostra
- mostram estatísticas de protocolos de proteção contra ddos
- resumo das estatísticas dos protocolos de proteção contra ddos
- mostrar estatísticas de protocolos de proteção contra ddose
- mostram estatísticas de pppoe de protocolos de proteção contra ddos
- mostrar resumo das estatísticas de pppoe de protocolos de proteção contra ddos
mostram estatísticas de protocolos de proteção contra ddos
user@host> show ddos-protection protocols statistics
Protocol Group: IPv4-Unclassified
Packet type: aggregate
System-wide information:
Aggregate bandwidth is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Routing Engine information:
Aggregate policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by individual policers: 0
FPC slot 1 information:
Aggregate policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by individual policers: 0
Protocol Group: IPv6-Unclassified
Packet type: aggregate
System-wide information:
Aggregate bandwidth is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Routing Engine information:
Aggregate policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by individual policers: 0
FPC slot 1 information:
Aggregate policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by individual policers: 0
Protocol Group: PPPoE
Packet type: aggregate
System-wide information:
Aggregate bandwidth is never violated
Received: 61961244 Arrival rate: 4000 pps
Dropped: 0 Max arrival rate: 4002 pps
Routing Engine information:
Aggregate policer is never violated
Received: 15488871 Arrival rate: 1001 pps
Dropped: 0 Max arrival rate: 1011 pps
Dropped by individual policers: 0
FPC slot 1 information:
Aggregate policer is never violated
Received: 61961244 Arrival rate: 4000 pps
Dropped: 46473017 Max arrival rate: 4002 pps
Dropped by individual policers: 46473017
Packet type: padi
System-wide information:
Bandwidth is being violated!
No. of FPCs currently receiving excess traffic: 1
No. of FPCs that have received excess traffic: 1
Violation first detected at: 2011-04-19 08:23:17 PDT
Violation last seen at: 2011-04-19 12:41:23 PDT
Duration of violation: 04:18:06 Number of violations: 1
Received: 30980622 Arrival rate: 2000 pps
Dropped: 23236505 Max arrival rate: 2001 pps
Routing Engine information:
Policer is never violated
Received: 7744433 Arrival rate: 500 pps
Dropped: 0 Max arrival rate: 505 pps
Dropped by aggregate policer: 0
FPC slot 1 information:
Policer is currently being violated!
Violation first detected at: 2011-04-19 08:23:17 PDT
Violation last seen at: 2011-04-19 12:41:23 PDT
Duration of violation: 04:18:06 Number of violations: 1
Received: 30980622 Arrival rate: 2000 pps
Dropped: 23236505 Max arrival rate: 2001 pps
Dropped by this policer: 23236505
Dropped by aggregate policer: 0
Packet type: pado
System-wide information:
Bandwidth is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Routing Engine information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
FPC slot 1 information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
Packet type: padr
System-wide information:
Bandwidth is being violated!
No. of FPCs currently receiving excess traffic: 1
No. of FPCs that have received excess traffic: 1
Violation first detected at: 2011-04-19 08:23:17 PDT
Violation last seen at: 2011-04-19 12:43:23 PDT
Duration of violation: 04:20:06 Number of violations: 1
Received: 31220846 Arrival rate: 2000 pps
Dropped: 23416690 Max arrival rate: 2001 pps
Routing Engine information:
Policer is never violated
Received: 7806417 Arrival rate: 499 pps
Dropped: 0 Max arrival rate: 506 pps
Dropped by aggregate policer: 0
FPC slot 1 information:
Policer is currently being violated!
Violation first detected at: 2011-04-19 08:23:17 PDT
Violation last seen at: 2011-04-19 12:43:23 PDT
Duration of violation: 04:20:06 Number of violations: 1
Received: 31220846 Arrival rate: 2000 pps
Dropped: 23416690 Max arrival rate: 2001 pps
Dropped by this policer: 23416690
Dropped by aggregate policer: 0
Packet type: pads
System-wide information:
Bandwidth is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Routing Engine information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
FPC slot 1 information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
Packet type: padt
System-wide information:
Bandwidth is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Routing Engine information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
FPC slot 1 information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
Packet type: padm
System-wide information:
Bandwidth is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Routing Engine information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
FPC slot 1 information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
Packet type: padn
System-wide information:
Bandwidth is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Routing Engine information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
FPC slot 1 information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
...
resumo das estatísticas dos protocolos de proteção contra ddos
user@host> show ddos-protection protocols statistics brief Protocol Packet Received Dropped Rate Violation State group type (packets) (packets) (pps) counts ipv4-uncls aggregate 0 0 0 0 ok ipv6-uncls aggregate 0 0 0 0 ok dynvlan aggregate 0 0 0 0 ok ppp aggregate 0 0 0 0 ok ppp unclass 0 0 0 0 ok ppp lcp 0 0 0 0 ok ppp auth 0 0 0 0 ok ppp ipcp 0 0 0 0 ok ppp ipv6cp 0 0 0 0 ok ppp mplscp 0 0 0 0 ok ppp isis 0 0 0 0 ok pppoe aggregate 61561238 0 4000 0 ok pppoe padi 30780619 23086506 2000 1 viol pppoe pado 0 0 0 0 ok pppoe padr 30780619 23086499 2000 1 viol pppoe pads 0 0 0 0 ok pppoe padt 0 0 0 0 ok pppoe padm 0 0 0 0 ok pppoe padn 0 0 0 0 ok dhcpv4 aggregate 0 0 0 0 ok dhcpv4 unclass.. 0 0 0 0 ok dhcpv4 discover 0 0 0 0 ok dhcpv4 offer 0 0 0 0 ok dhcpv4 request 0 0 0 0 ok dhcpv4 decline 0 0 0 0 ok dhcpv4 ack 0 0 0 0 ok dhcpv4 nak 0 0 0 0 ok dhcpv4 release 0 0 0 0 ok dhcpv4 inform 0 0 0 0 ok dhcpv4 renew 0 0 0 0 ok dhcpv4 forcerenew 0 0 0 0 ok dhcpv4 leasequery 0 0 0 0 ok dhcpv4 leaseuna.. 0 0 0 0 ok dhcpv4 leaseunk.. 0 0 0 0 ok dhcpv4 leaseact.. 0 0 0 0 ok dhcpv4 bootp 0 0 0 0 ok dhcpv4 no-msgtype 0 0 0 0 ok dhcpv4 bad-pack.. 0 0 0 0 ok ... icmp aggregate 0 0 0 0 ok igmp aggregate 0 0 0 0 ok ospf aggregate 0 0 0 0 ok rsvp aggregate 0 0 0 0 ok pim aggregate 0 0 0 0 ok rip aggregate 0 0 0 0 ok ptp aggregate 0 0 0 0 ok bfd aggregate 0 0 0 0 ok lmp aggregate 0 0 0 0 ok ldp aggregate 0 0 0 0 ok msdp aggregate 0 0 0 0 ok bgp aggregate 0 0 0 0 ok vrrp aggregate 0 0 0 0 ok telnet aggregate 0 0 0 0 ok ...
mostrar estatísticas de protocolos de proteção contra ddose
user@host> show ddos-protection protocols statistics terse Protocol Packet Received Dropped Rate Violation State group type (packets) (packets) (pps) counts ipv4-uncls aggregate 241 0 0 0 ok icmp aggregate 20 0 0 0 ok igmp aggregate 55 0 0 0 ok ospf aggregate 956 0 0 0 ok rsvp aggregate 784 0 0 0 ok ldp aggregate 2984 0 0 0 ok bgp aggregate 312 0 0 0 ok lacp aggregate 1744 0 0 0 ok stp aggregate 9791 0 0 0 ok arp aggregate 19 0 0 0 ok pvstp aggregate 393 0 0 0 ok mlp aggregate 624774 0 0 0 ok mlp packets 1714371 223937 0 3 ok mcast-copy aggregate 3018038 0 0 0 ok igmp-snoop aggregate 43 0 0 0 ok fw-host aggregate 95547 0 0 0 ok uncls aggregate 10000 0 0 0 ok
mostram estatísticas de pppoe de protocolos de proteção contra ddos
user@host> show ddos-protection protocols pppoe statistics
Protocol Group: PPPoE
Packet type: aggregate
System-wide information:
Aggregate bandwidth is never violated
Received: 60381200 Arrival rate: 4000 pps
Dropped: 0 Max arrival rate: 4002 pps
Routing Engine information:
Aggregate policer is never violated
Received: 15095242 Arrival rate: 1001 pps
Dropped: 0 Max arrival rate: 1011 pps
Dropped by individual policers: 0
FPC slot 1 information:
Aggregate policer is never violated
Received: 60381200 Arrival rate: 4000 pps
Dropped: 45287921 Max arrival rate: 4002 pps
Dropped by individual policers: 45287921
Packet type: padi
System-wide information:
Bandwidth is being violated!
No. of FPCs currently receiving excess traffic: 1
No. of FPCs that have received excess traffic: 1
Violation first detected at: 2011-04-19 08:23:17 PDT
Violation last seen at: 2011-04-19 12:34:48 PDT
Duration of violation: 04:11:31 Number of violations: 1
Received: 30190600 Arrival rate: 2000 pps
Dropped: 22643960 Max arrival rate: 2001 pps
Routing Engine information:
Policer is never violated
Received: 7547621 Arrival rate: 499 pps
Dropped: 0 Max arrival rate: 505 pps
Dropped by aggregate policer: 0
FPC slot 1 information:
Policer is currently being violated!
Violation first detected at: 2011-04-19 08:23:17 PDT
Violation last seen at: 2011-04-19 12:34:48 PDT
Duration of violation: 04:11:31 Number of violations: 1
Received: 30190600 Arrival rate: 2000 pps
Dropped: 22643960 Max arrival rate: 2001 pps
Dropped by this policer: 22643960
Dropped by aggregate policer: 0
Packet type: pado
System-wide information:
Bandwidth is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Routing Engine information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
FPC slot 1 information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
Packet type: padr
System-wide information:
Bandwidth is being violated!
No. of FPCs currently receiving excess traffic: 1
No. of FPCs that have received excess traffic: 1
Violation first detected at: 2011-04-19 08:23:17 PDT
Violation last seen at: 2011-04-19 12:34:48 PDT
Duration of violation: 04:11:31 Number of violations: 1
Received: 30190600 Arrival rate: 2000 pps
Dropped: 22643961 Max arrival rate: 2001 pps
Routing Engine information:
Policer is never violated
Received: 7547621 Arrival rate: 501 pps
Dropped: 0 Max arrival rate: 506 pps
Dropped by aggregate policer: 0
FPC slot 1 information:
Policer is currently being violated!
Violation first detected at: 2011-04-19 08:23:17 PDT
Violation last seen at: 2011-04-19 12:34:48 PDT
Duration of violation: 04:11:31 Number of violations: 1
Received: 30190600 Arrival rate: 2000 pps
Dropped: 22643961 Max arrival rate: 2001 pps
Dropped by this policer: 22643961
Dropped by aggregate policer: 0
Packet type: pads
System-wide information:
Bandwidth is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Routing Engine information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
FPC slot 1 information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
Packet type: padt
System-wide information:
Bandwidth is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Routing Engine information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
FPC slot 1 information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
Packet type: padm
System-wide information:
Bandwidth is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
FPC slot 1 information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
Packet type: padn
System-wide information:
Bandwidth is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
FPC slot 1 information:
Policer is never violated
Received: 0 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 0 pps
Dropped by aggregate policer: 0
mostrar resumo das estatísticas de pppoe de protocolos de proteção contra ddos
user@host> show ddos-protection protocols pppoe statistics brief Protocol Packet Received Dropped Rate Violation State group type (packets) (packets) (pps) counts pppoe aggregate 60901227 0 4000 0 ok pppoe padi 30450613 22838981 2000 1 viol pppoe pado 0 0 0 0 ok pppoe padr 30450614 22838977 2000 1 viol pppoe pads 0 0 0 0 ok pppoe padt 0 0 0 0 ok pppoe padm 0 0 0 0 ok pppoe padn 0 0 0 0 ok
Informações de lançamento
Comando introduzido no Junos OS Release 11.2.